Who's Watching the Watchers?
President & CEO
your data center it’s the system administrators, DB admins, and IT
managers who hold all the power — controlling everything from employee
access to the confidentiality of private customer data. So much power
in the hands of a few individuals ought to be a scary prospect to
organizations that depend upon IT to keep the business running and data
The simple truth is that today virtually all IT staff enjoy anonymous,
unaudited, 24/7 access to your data center applications, computers, and
appliances through use of privileged account credentials. More IT
auditors are beginning to notice that this lack of accountability has
brought organizations out of compliance with key industry mandates —
SOX, PCI-DSS, HIPAA, and others. The bad guys have also taken notice,
exploiting these all-powerful and often poorly secured credentials in
many of the latest, headline-grabbing breaches that include the attacks
on Google and other U.S. technology firms.
Organizations that are looking to advance IT governance and stay
compliant should ask these four questions…
Read the rest of Best
Practices for Watching the Watchers in Enterprise Systems Journal.
worked with many organizations over the years,
I've realized that shared passwords, seldom changed privileged
credentials, and employees with too much access and too little
accountability are the rule rather than the exception. The outcome is
never good: embarrassing security breaches and costly IT audit
do you think? Email
me at: firstname.lastname@example.org.
Tip of the Month
Move All Except
Group policy is great for defining which users should be members of
which groups. However, it lacks the granularity sometimes needed to map
specific group memberships to individual users. But User Manager Pro
Suite has no such limitations. Learn more.
Identity Management: An Executive Overview
This fast-paced overview gives you all the facts you should know about
privileged identities. You’ll learn real-world business drivers for
taking control of privileged access, implementation best practices, and
how different management approaches can deliver different results.
Avenue of the Stars,
Angeles, CA 90067
| Customer Snapshot:
Founded in 1938, Wings Financial serves
126,000 members from 130 air transportation companies worldwide,
including 54 airlines. Wings also serves people throughout the 13
county Twin Cities metropolitan area. Wings ranks among the top 50
credit unions by asset size out of more than 8,000 credit unions in the
Situation: Without a reliable and automated method to regularly
locate and change its privileged account passwords, Wings Financial was
burdened with IT workload issues and increased security risks.
Solution: Enterprise Random Password Manager was deployed in the
credit union’s enterprise to track, update and store privileged account
Result: Wings Financial increased IT staff productivity, secured
access to its sensitive financial data, and proved compliance with
regulatory password change requirements.
to read the detailed case study.
New in Identity Week
commentary on our Identity
Week blog this month includes:
Recent Updates, PCI DSS Security Flaws Remain
Last month’s announcement of Payment Card Industry Data Security
Standard 2.0 (PCI-DSS v. 2.0) created a flurry of news reports in the
IT media, but in reality changed little about the way that businesses
guard sensitive cardholder information on their networks...
Events / Press /
the Oracle Ecosphere Evolves, So Do Its Participants. Database Trends and Applications.
"Going into 2010, we're repeatedly witnessing pervasive bad behaviors
with respect to database security," says Phil Lieberman, CEO of
Lieberman Software, a provider of enterprise security and privileged
identity management solutions and long-time Oracle partner. Examples
include "Common and unchanged DBA accounts being used by multiple
administrators, with no ability to audit the actions performed by the
database administrators, and unchanged application to database account
Reasons Why Privileged Identity Management Implementations Fail. Virtual Strategy Magazine. "...
many organizations seem to grasp too late that implementing a
privileged identity management solution is too important a process to
delegate to a rubber-stamp RFP or a battle of vendor check boxes. If
handled correctly your implementation can enable you to close critical
security loopholes; help make staff members accountable for actions
that impact IT service and data security; and lower the cost of
gains password management vendor. ARN. With a
focus on governance, risk and compliance products, Aquion was looking
for a password management offering for the enterprise market. This led
to the company approaching Lieberman Software, which provides identity
Hospitality Hackers. Hospitality
Technology. It's official; 2009 was the year of data breaches in
hospitality. Find out how Lieberman Software helps prevent these
breaches and more.