Lieberman Software

September 2011

Top of Mind

Shionogi Shutdown and the Power of IT

Philip  Lieberman, President & CEO
Lieberman Software

Recently, I came across an article by Robert McMillan in Computerworld that really got my attention. McMillan’s article covers an event that occurred earlier this year in which Jason Cornish, a former employee of U.S. pharmaceutical company Shionogi, was able to destroy most of the company’s computer infrastructure.

Cornish was laid off in 2010 along with some other employees. Unfortunately, Shionogi did not change the passwords that gave Cornish access to systems and applications on the company’s network. Cornish was still able to use his credentials to log into the company’s network from a public McDonald’s WiFi connection in February and launch a vSphere VMware management console that he’d secretly installed on the company’s network a few weeks earlier.

According to the story, Cornish deleted 88 company servers from the VMware host systems, one by one. The U.S. Department of Justice reported that the attack effectively froze Shionogi’s operations for a number of days, leaving company employees unable to ship product, cut checks, or even communicate through e-mail.

This story is just another unfortunate example of too many people having too much access to sensitive data for too long. Because many companies blindly trust the members of their internal IT departments and fail to control access to sensitive data, what happened at Shionogi is certain to reoccur again and again.

The Shionogi incident is solid proof that IT departments absolutely must change their privileged account passwords regularly – and have the tools in place to revoke privileged access immediately when job roles change. It is evident that the wrong IT employees can be granted full administrator access – and use that access with crippling results.

Our latest survey found that 78% of the IT professionals interviewed admitted they could walk out of the office taking highly sensitive information with them. Cornish clearly fit into that mold, but your own IT staff can be made accountable if you take the right steps to secure privileged logins. The best advice I can give to any organization is to make security a strategic investment and deploy software that automates privileged identity management.

Does your company change its privileged account passwords regularly?

Email me at: You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.

Vote for ERPM in the SC Magazine Awards!

Enterprise Random Password Manager is nominated for Best Identity Management Application.
Only subscribers of SC Magazine that work for an end-user organization are eligible to vote, so please VOTE NOW if you can. Thank you in advance.

What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:
  • Encrypting Your Data is Not Enough. By exploiting weak or non-existent privileged access controls and technology, an insider, former employee or criminal can easily get to the encrypted data by gaining access to program encryption keys. Encryption is a good first step, but failing to actively control privileged identities degrades its value...

Partner News

>> EdgeSeven will provide Lieberman Software's PIM and security management products to its customers throughout the United Kingdom.

Jon Inns, co-founder of EdgeSeven, said: “The mission of our company is to provide organisations with world class situational awareness about the security activities across the enterprise. Lieberman's PIM capabilities are critical to us delivering on that mission as misuse, loss, sharing and compromise of high value credentials is still a huge problem for organisations.” Read more.

>> Nanjgel Solutions will be Lieberman Software's value added distributor for the Middle East nations of the Gulf Cooperation Council (GCC) which includes Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates.

In its new role in the Lieberman Software Partner Program, Nanjgel will not only continue to market, sell and support Lieberman Software’s privileged identity management (PIM) solutions and other products directly to its clients, but will now provide localized support to authorized resellers and service providers in the region. Read more.

Events / Press / Analysts

Tech Tip of the Month

How to Handle Service Account Dependencies

When a Windows Service restart is required all Service dependencies must be fully functioning to ensure that there are no system disruptions or downtime. Fortunately, our Service Account Manager tool utilizes a proprietary algorithm to map dependency relationships. Here’s how.


  Follow us on Twitter!

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.
Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
           |    (01) 310-550-8575  |