Staying Ahead of Attackers
Philip Lieberman, President
R & D
Last month I described a
little of our vision of technology handling large-scale security
management, as well as how we see our investment in R & D as the
secret sauce that makes our products different from anything you could
write yourself or buy from our competitors.
In this month’s column I
would like to clarify a few terms you may have heard our competition
throw around claiming parity with our solutions.
In our company, discovery
refers to the ability of our products to automate the continuous
discovery/deletion of machines, accounts, and where/how identities are
used in your environment without the need for human interaction in the
In other words, we
discover most every identity and how it is being used from day 1 and
determine what is a privileged identity in the sea of all accounts by
evaluating discovered usages.
Discovery is not only the
ability to find all this information, but also the inherent ability
within the product to change identities and where they are used without
causing outages. The propagation of change is also built into the
product as well as the ability to handle very complex and distributed
usage cases without the need for humans to write specialized code. This
includes corner cases such as DMZs, clustered services, and isolated
domains – again without customization.
vs. Real-Time Discovery
If you take a snapshot of
identities and how they are being used, how long is that information
valid? In most situations, the information should be considered suspect
within minutes of its discovery. If your current solution requires that
you manually take usage snapshots and import them by hand, how
well do you think that strategy will work against nation-state attacks?
Answer: not very well.
Our strategy is to always
rediscover and correlate usage regularly without human intervention and
always automatically rediscover everything needed for a password change
right before making a password change so that we are always using the
most up-to-date information.
The entire lifecycle of
an identity from its initial discovery, initial password randomization,
password check-out/check-in, timed re-randomization (called auto-roll
in our product), and periodic verification of access with the latest
credential is an automated process in our solution. All of these steps
are built into the product, require no customization, and work as
expected. This is not our heartbeat, but just the normal lifecycle of
identity management for enterprises.
We also have a special
technology known as the Heartbeat Monitor that checks for flaws in the
protocol stacks of different operating systems that cause a connection
or transaction to get stuck permanently. Our Heartbeat Monitor examines
transactions and automatically kills threads that have not made
progress for a very long time. This technology is designed to ensure
that large jobs managing enormous environments are not jammed up
indefinitely due to a single sick machine that is not handshaking
properly and where the built-in operating system will not release the
Our Zone Processor
technology has been in development for over a decade and provides a
host of technologies needed by large distributed environments that
demand performance and fault tolerance and also require that work be
automatically distributed across the globe.
Our discovery and
propagation technology makes a huge number of network calls to every
machine to determine identity storage and usage. When operating in a
physically distributed network with high latency, zone processors are
configured to proxy work using a local machine on each network for fast
results. For resiliency, zone processors operate in tandem to take up
work as needed in the job queues.
For very large jobs, the
order of completion is not deterministic and zone processors are
designed to automatically break up work and cooperatively complete
complex jobs with no need for human assistance in the completion plan.
Zone processors are a
unique technology only available from us and get better in each version
of our product as we tune their algorithms.
There are more
differentiators we will cover in future Top of Mind editorials. Suffice
it to say that, although you may pay more for our solutions than for our
competitors', the result of your investment is the purchase of better
technology that meets your business needs in hours, not years.
you think? Email me at: Phil@liebsoft.com.
You can also follow me on Twitter: @liebsoft
or connect with me via LinkedIn.
New in Identity Week
Featured commentary on our Identity
Week blog this month includes:
- Are Hackers Targeting Your Help Desk?
A recent whitepaper from the SANS Institute and RSA Security reports
that the corporate Help Desk is now a prime target for hackers. The
report details social engineering exploits that succeeded in stealing
passwords, employees’ personal information, and other private data from
Help Desk staff...
Events / Press /
you like an eat to bite? SC Magazine. At the time of
writing I'm not sure if Edward Snowden is still sitting in a Moscow
transfer lounge or settling in to his 'luxury apartment' in a barrio in
Venezuela. Regardless of where he is, I've become relatively blasé when
it comes to hearing about yet another security breach, or of stories
that Big Brother is watching us. It's almost like a traffic policeman
going to the press and saying that speeding fines are a money-making
racket; as if the average person in the street is going to be
intervention scares users from using the cloud. SC Magazine UK.
A fear of government snooping is deterring IT departments from using
the cloud. According to a survey of 300 IT managers, 48 per cent said
that the potential for government and legal interference puts them off
from entering information into the cloud environment.
Growing Up? Dark Reading. The formalization of requirements
that push organizations toward implementing risk management practices
and security processes that persist beyond auditor visits are important
for the credibility of the standard and the health of security
practices at organizations subject to PCI scrutiny, says Philip
Lieberman, CEO of Lieberman Software.
- PCI 3.0 Gets
Positive Initial Reviews from Security Pros. IT Jungle. For
many IT professionals, the letters "PCI DSS" conjure painful memories
of invasive audits of internal systems that, in the end, generated
hundreds of billable hours for compliance experts but did little to
actually boost security. While the PCI 3.0 standard that was previewed
last week won't eliminate deep scrutiny, it may actually boost
security, experts say.
Identity Management in the Cloud. Cloud Computing Journal.
Every cloud infrastructure can be home to potentially hundreds of
thousands of vulnerable privileged accounts. The presence of automated
hacking tools means improperly secured privileged logins are almost
certain to give hackers free rein on the network and access to
customers' private data, within minutes of an incursion.
Takes First Steps to Heal Public Perception by Eliminating IT Jobs.
Windows IT Pro. In the next chapter of the PRISM scandal,
Reuters is reporting today that the NSA will be eliminating 90 percent
of its system administrators. NSA confirmed what we have been saying
for years: persistent and broad access to sensitive systems is
inappropriate. This also points out the other issue of privileged
access, namely the problem of using contractors and controlling their
Korea ‘Uses Troll Army For Attacks On South’. TechWeek Europe.
North Korea is using an army of 200 trolls and 3,000 cyber security
experts to undermine and attack South Korean organisations. This is a
perfect illustration of the ability of anyone with a connection to the
Internet to use it for asymmetric warfare. As a nation state, North
Korea is projecting its power and influence in all ways available to
it. This is not dissimilar to all other countries with cyber-warfare
Tech Tip of the Month
The web-based user interface of Enterprise Random
Password Manager and Random Password Manager is localized in over
twenty different languages. Is your language supported? Find out now.