Security - Is a Penny Worth
Lieberman, Founder and CEO
When it comes to protecting
an organization’s critical digital assets, compliance cannot be a “some
of the time” process – it must be “all of the time”. Organizations
cannot simply aim to meet federal regulations such as SOX or PCI DSS
once a year. Potential security threats are constantly evolving;
meaning IT managers must be constantly monitoring their networks to
safeguard the company’s most sensitive data.
In order to properly secure an enterprise network, an organization must
limit access to its critical data only to those who require it, and
that access must be audited continuously. The process of continuous
auditing manages threats by testing non-stop for network
vulnerabilities and fixing problems immediately.
What exactly is continuous auditing, why is the process important for
certain types of organizations, and what are the potential threats
organizations may face when ignoring this approach?
Want more? Read Mr. Lieberman's article: "How GRC
Principles Measure Security and Accountability" here.
Tip of the Month
Manager Pro Suite has long been regarded as a leading Windows mass
management solution capable of modifying and reporting on numerous
configuration settings on any number of systems simultaneously.
A lesser known, but very valuable, attribute of the product is its use
of recently patented technology to prevent malicious software and other
unauthorized applications from executing on client systems. Find out
Avenue of the Stars
Angeles, CA 90067
has chosen Enterprise Random Password Manager (ERPM) to control access
to privileged accounts on servers, workstations, and network devices in
the University’s multi-platform environment. ERPM is being implemented
throughout the University's seven network sites as part of an overall
IT security and auditing strategy, and to assist with a new initiative
to centrally manage its system administration.
need to control and audit access to all of the privileged account
passwords in our network, and decided on Lieberman Software’s ERPM for
its automated account discovery capabilities, auditing features, and
productivity benefits,” said Jonathan Hughes, User Systems Manager at
the University of Westminster.
the solutions that we evaluated, ERPM is the only one that can
automatically discover every privileged account on our network,
providing real advantages over the less effective, less reliable manual
alternatives,” raved Jonathan Hughes.
The Result: With ERPM, IT staff at The University of
Westminster will no longer have to rely on tedious and inefficient
manual processes to manage privileged accounts. The staff will also be
able to gain secure, remote administrative access on demand for
conducting IT administration duties. And, ERPM’s centralized control of
all privileged accounts throughout the enterprise aligns with the
University’s initiative to restructure its IT service into a centrally
“While there were numerous factors in our decision to install ERPM
enterprise-wide at the University of Westminster, the implementation
was primarily driven by regulatory compliance and security demands,”
Hughes said. “The product’s access and control reporting will be
valuable to our annual security audit. And, while we've never
experienced a security breach, we are aware of the serious threat posed
by unsecured privileged accounts. ERPM mitigates this risk.”
Please click here
read the full story.
Launches / Podcasts
- CS Techcast: An
Information Technology Podcast for IT Pros. CS
Techcast 81: Finding the Holes in Privileged Accounts. This
week we are exploring privileged account management and how to reduce
the attack surface of that powerful access with Philip Lieberman,
President and CEO of Lieberman Software. His comments start at 00:11:35
and run through 00:28:00
/ Press / Events
- October 8, 2009
Irvine, CA: Special Luncheon Briefing "Securing
Your Infrastructure – Privileged
Identity Management & Data Protection." Join Lieberman,
Lumension and Microsoft from 10:00am to 12:30pm. Click here
for more information and to register.
- October 9, 2009 –
San Diego, CA: Special Luncheon Briefing "Securing
Your Infrastructure –
Privileged Identity Management & Data Protection." Join
Lieberman, Lumension and Microsoft from 10:00am to 12:30pm. Click here
for more information and to register.
12-14, 2009 – San Francisco, CA: We will be exhibiting at Oracle OpenWorld
in Moscone Center. Stop by our
booth – # 3514 – and check out Enterprise Random
Password Manager's native
integration with Oracle Database 11g Release 2 and Oracle Internet
Directory. Submit your name to enter to win our grand prize giveaway!
Directory Q&A: Demand Rises
By Andres Cser,
Forrester, August 11, 2009
"To alleviate this
problem, you should combine the approaches of using
Microsoft's System Center Operations Manager and moving toward password
safes, which centrally hold, issue, change, and verify all sensitive
passwords to system administrators with appropriate privileges."