Privileged Identity Management News Line August 2010

Top of Mind

Insider Threats, Misused Privileges are Leading Causes of Security Breaches

Philip Lieberman, President & CEO, Lieberman Software

Verizon Business recently released its 2010 Data Breaches and Investigations Report with some fascinating results. According to the report, 48% of data breaches are caused by insiders, up from only 22% last year.

Not surprisingly, the research also identified the misuse of privileges as the top threat vector for the year. Even less of a surprise is the fact that database servers were the top target in terms of both the number of breaches (25%) and volume of records (92%).

Of interest to me - and now hopefully to you - was the following incident:

"THE SLIPPERY SLOPE OF INSIDER MISCONDUCT: Verizon investigated a case in which a recently terminated system administrator stole sensitive data from his former employer as well as personal information belonging to its customers. He then attempted to blackmail the organization and threatened to go public with the information if they did not meet his demands. Obviously, not a good situation but what makes it worse is that it might have been avoided with a few changes in policy and practice. On several occasions in the past, this employee had been cited for IT policy violations and inappropriate behavior. There were harassment complaints against him filed by other employees. Finally, when he stole a co-worker’s password for a popular social networking site and modified it with slanderous content, he was let go. Unfortunately, his generic administrative account was given to his successor with a minor password change (i.e., 'Password2' instead of 'Password1') and we’ve already covered what happened after that."

This is an excellent example of what can and does happen if privileged passwords are not properly managed. How are you managing your privileged accounts?

This report (and reports by other organizations such as DataLossDB and the Identity Theft Resource Center) states that public breach disclosures were down significantly in 2009. The authors suggest that the decline could have occurred because either the supply of stolen data has outpaced demand, or law enforcement is becoming more effective in capturing criminals.

In my opinion there could be a third, more ominous reason for the decline in disclosures: the Verizon report states that discovery by external parties – including third party-fraud detection, law enforcement, and so on – dropped significantly in 2009. Perhaps cybercriminals are getting better at covering their tracks.

Starting on page 59 the report offers conclusions and recommendations. It was good to see that restricting and monitoring privileged users was the very first recommendation. Fortunately privileged identity management software can make this step very practical to achieve.

What do you think? Email me at: phil@liebsoft.com.

Tech Tip of the Month

Enrolling New Systems with the ERPM/RPM Software Development Kit (SDK)

You bring new systems online in your environment on an ongoing basis. To properly secure these systems the minute they come online, you need to manage the administrative credentials. Learn how you can do so easily with the Enterprise Random Password Manager SDK in this five minute video.

Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA 90067
Liebsoft.com

(01) 310-550-8575
newsletter@liebsoft.com

Events / Press / Analysts

WEBINAR: August 19, 2010. Click the link below for more information and to register for our complimentary webinar: Securing Federal Information Systems: Privileged Identity Management

WEBINAR: September 14, 2010. Click the link below for more information and to register for our complimentary webinar: Windows Security & Mass Management Made Easy!

Information Security and Risk Management Conference. September 13-15, 2010. Las Vegas, NV. Visit us at Booth 17.

ArcSight Protect 10 Conference. September 19-22, 2010. Washington, D.C. Lieberman Software is the Diamond Sponsor of this event. Attend Philip Lieberman's presentation on September 22 @ 10am. Visit us in the CyberSecurity Hall!

Windows XP: Widely Used, Widely Attacked. Redmond Magazine. "The growth will be explosive due to the pent up demand from Windows XP users that have been excluded from the improvements in hardware and software technologies due to the XP operating system's inabilities," said Phil Lieberman president and CEO of Lieberman Software. "We will also be seeing ISVs exploiting more of the advanced user interface features of Windows 7 and Server 2008 as they become the de facto standard for desktops and servers."

New Beta of Microsoft Security Essentials Released. Redmond Channel Partner. "This is good news for consumers; bad news for McAfee and Symantec," said Phil Lieberman, president of Lieberman Software. "Since most consumers do not buy antivirus and antimalware software, this is a great example of Microsoft stepping up as a responsible corporate citizen by providing some basic free protection for those consumers that simply can't or won't buy protection."

Assess Your Defenses. Processor Magazine. The process of evaluating your security defenses isn’t simply a device for putting out fires or satisfying customer complaints about specific system issues. These assessments are tied to a greater worth that ensures that the entire business can operate as expected and that its reputation remains intact.

Sidestep Windows 7 Problems. Processor Magazine. “Given the very low cost of replacement hardware that already includes Windows 7, it is generally a big mistake to try to upgrade hardware and especially peripherals (except for printers) that are more than three to five years old,” says Phil Lieberman, president of Lieberman Software. “Most users should use the 64-bit version of Windows 7 with a minimum 4GB of memory."