September 2009

Top of Mind

Security - Is a Penny Worth the Trouble?

Philip Lieberman
Founder and CEO
Lieberman Software Corporation

When it comes to protecting an organization’s critical digital assets, compliance cannot be a “some of the time” process – it must be “all of the time”. Organizations cannot simply aim to meet federal regulations such as SOX or PCI DSS once a year. Potential security threats are constantly evolving; meaning IT managers must be constantly monitoring their networks to safeguard the company’s most sensitive data.

In order to properly secure an enterprise network, an organization must limit access to its critical data only to those who require it, and that access must be audited continuously. The process of continuous auditing manages threats by testing non-stop for network vulnerabilities and fixing problems immediately.

What exactly is continuous auditing, why is the process important for certain types of organizations, and what are the potential threats organizations may face when ignoring this approach?

Want more? Read Mr. Lieberman's article: "How GRC Principles Measure Security and Accountability" he

Tech Tip of the Month

User Manager Pro Suite has long been regarded as a leading Windows mass management solution capable of modifying and reporting on numerous configuration settings on any number of systems simultaneously.

A lesser known, but very valuable, attribute of the product is its use of recently patented technology to prevent malicious software and other unauthorized applications from executing on client systems. Find out how here.

Lieberman Software Corporation
1900 Avenue of the Stars
Suite 425
Los Angeles, CA  90067

(01) 310-550-8575

Customer Snapshot: 

London's University of Westminster has chosen Enterprise Random Password Manager (ERPM) to control access to privileged accounts on servers, workstations, and network devices in the University’s multi-platform environment. ERPM is being implemented throughout the University's seven network sites as part of an overall IT security and auditing strategy, and to assist with a new initiative to centrally manage its system administration.

The Situation:  “We need to control and audit access to all of the privileged account passwords in our network, and decided on Lieberman Software’s ERPM for its automated account discovery capabilities, auditing features, and productivity benefits,” said Jonathan Hughes, User Systems Manager at the University of Westminster.

The Solution: 
“Among the solutions that we evaluated, ERPM is the only one that can automatically discover every privileged account on our network, providing real advantages over the less effective, less reliable manual alternatives,” raved Jonathan Hughes.

The Result:
  With ERPM, IT staff at The University of Westminster will no longer have to rely on tedious and inefficient manual processes to manage privileged accounts. The staff will also be able to gain secure, remote administrative access on demand for conducting IT administration duties. And, ERPM’s centralized control of all privileged accounts throughout the enterprise aligns with the University’s initiative to restructure its IT service into a centrally managed operation. 

“While there were numerous factors in our decision to install ERPM enterprise-wide at the University of Westminster, the implementation was primarily driven by regulatory compliance and security demands,” Hughes said. “The product’s access and control reporting will be valuable to our annual security audit. And, while we've never experienced a security breach, we are aware of the serious threat posed by unsecured privileged accounts. ERPM mitigates this risk.”

Please click here to read the full story.

Product Updates / Launches / Podcasts
  • CS Techcast: An Information Technology Podcast for IT Pros. CS Techcast 81: Finding the Holes in Privileged Accounts. This week we are exploring privileged account management and how to reduce the attack surface of that powerful access with Philip Lieberman, President and CEO of Lieberman Software. His comments start at 00:11:35 and run through 00:28:00
  • Privileged Identity Management and Regulatory Compliance: How can privileged identity management help organizations pass their security audits and meet regulatory compliance? Find out in this podcast from RSA Conference 2009.

Analysts / Press / Events
  • Active Directory Q&A: Demand Rises
    By Andres Cser, Forrester, August 11, 2009
    "To alleviate this problem, you should combine the approaches of using Microsoft's System Center Operations Manager and moving toward password safes, which centrally hold, issue, change, and verify all sensitive passwords to system administrators with appropriate privileges."

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. If you do not wish to receive email messages from Lieberman Software in the future, please click here.