In the News: 2013

Philip Lieberman, president and CEO of Lieberman Software, said: “There are a number of reasons why IT experts might be apprehensive about storing corporate data in the cloud. However, in my opinion, the key issues are around government surveillance, cloud legislation and data security.

"Lieberman says reaping the benefits of cloud can mean compromising on privacy and security. Things can change in situ anyway – cloud providers may go out of business, change their rates, or hire criminals to manage the resources."

Phil Lieberman, president and CEO of Lieberman Software Corp., doesn't believe so. "As with any type of addiction -- and this is to outdated security methods -- the first step is to acknowledge that you have a problem and want to address it," says Lieberman. "Many companies figure that they are immune or have nothing of value, so the threats to them are minimal or nonexistent -- [meaning], everything is nothing more than scare tactics of security vendors."

"Sounds to me like a case of the preachers not practicing what they preach. If we could understand why IT security pros don't follow a simple best practice like changing default passwords on new systems, we could probably understand why end users ignore security rules too. Hmmm. I confess that I don't always change passwords as recommended because it always seems like I have something more pressing to do. And here I don't even work in IT."

"IT departments that do not have a solution in place to automatically detect, flag and change default privileged passwords on newly deployed systems are neglecting a very common security hole," Lieberman said.

"The vast majority (81.4 percent) of IT security staff think that employees tend to ignore the rules that IT departments put in place, and more than half (52.2 percent) of the same respondents said they believe that employees would not listen more even if IT directives came from executive management, rather than IT, according to a survey by identity management and security management specialist Lieberman Software."

“The reality is that 100% protection is nearly impossible to achieve, but there are still best practices for securing access to critical systems and data that many organisations tend to ignore.”

A Lieberman Software survey also found that one third of organizations don't have a policy requiring default passwords to be changed.

“This simply must be a standard practice in any size organization,” said Lieberman. “Default privileged passwords are, in the truest sense, open backdoors into systems that are deployed on production networks. Most default passwords are publicly known and easily found online, meaning that anyone with malicious intent can use these default credentials as a foothold to gain anonymous access to systems and applications throughout the network.”

Lieberman says he and Pingree have been going back and forth on these issues to the point where the two placed a $1 bet with one another at RSA about Facebook's long-term potential as an enterprise IAM play. For his part, Lieberman says Facebook simply can't handle the hierarchical, group-based nature of enterprise identity environments.

“For example, this survey revealed the unfortunate fact that 32 per cent of IT groups are still not changing default passwords when deploying new systems. This simply must be a standard practice in any size organisation. Default privileged passwords are, in the truest sense, open backdoors into systems that are deployed on production networks."

Lieberman believes a lack of security consciousness among other US organisations will cost the country dearly. “The next major threat will come from a nation state taking aim at our critical national infrastructure and knocking out resources essential to life,” he said. “This will be an easy target since many of the utilities have little interest or appreciation for security. Their systems have been fully characterised by hostile powers external to the United States and will eventually be turned off and/or damaged when the time is right.”

"AD can be used in so many ways. Microsoft is already using it for hundreds of millions of users as the basis for all of its cloud-based services, so scalability isn't an issue," Lieberman says. "It's just a place to store stuff about identities and information about what they can do. Out of the box it ties all of the Microsoft stuff together but there was never a restriction that said you couldn't use it for something else."

"But what Lieberman Software hoped to demonstrate was that organizations, and subsequently the channel, will consistently require some kind of alternative solution that not only prevents users from circumventing security, but compels adherence. Lieberman pointed to its own flagship privileged identity management (PIM) solution as a viable answer."

"As identity management company Lieberman Software found out with a survey of IT security professionals at RSA, the state of unauthorized privileged access and the likelihood of their own organizations withstanding data breaches have their hands full. In fact, as referenced below, even if the CEO mandates certain practices the pros think even the boss with have his/her wishes ignored."

"These behaviors are continuing even after it has been proven that human error is the leading cause of data breaches," Lieberman said. "Organizations need to implement better cybersecurity training that properly instructs staff about the consequences of data breaches."

"A recent survey from Lieberman Software Corporation reveals that more than 80% of IT security professionals believe that corporate employees deliberately ignore security rules issued by the IT department."

According to Phil Lieberman of Lieberman Software, in spite of AD's supreme scalablity, the problems McKinnon identifies contributes to LDAP's lack of viability as an authentication method organizations can use in the cloud. "That's not necessarily what they might want to use and so this brings up the question of federation," says Lieberman, pointing to rumblings of using a mechanism like a Facebook log-in to tie together access to enterprise cloud resources.

There are a LOT of "privileged identity management" solutions available on the market that can manage local admin accounts: Lieberman Software - Random Password Manager and Enterprise Random Password Manager.

Los Angeles cyber-security expert Philip Lieberman, who consults for some of the companies that took part in the meeting, said Obama was trying to persuade the CEOs to spend more on network security and to work more closely with the federal government against cyber threats.

Phil Lieberman, president of Lieberman Software, said: “The reality of the situation is that the loss of the encrypted password file is probably a non-event since the ability to figure out the actual passwords is pretty much impractical. I believe that the company figured that the decision to ask users to change their passwords was in actuality a real abundance of caution and a potential protection against a lawsuit.”

"Last week, security software vendor Lieberman Software launched a version of the two man rule to control the passwords for privileged user profiles."

Some information placed in the cloud can get into the wrong hands because of equipment mishaps or employee foul-ups. There also are growing fears it could happen it as a result of lawsuits or government subpoenas. Of 100-plus IT professionals polled last year by security firm Lieberman Software, 48 percent said "the thought of government or legal action deters them from keeping data in the cloud."

"A research into the opinions of IT specialists carried out by Lieberman Software in 2012 found that 67% of respondents thought that BYOD increased IT and security costs and 43% worried that BYOD could lead to a virus infecting the organisation."

Lieberman Software Corporation is extending double safekeeping to privileged identity management in the latest version of its Enterprise Random Password Manager (ERPM) product.

"Nearly seven out of eight information-technology professionals do not trust cloud providers to protect their companies' most sensitive data, according to a recent survey conducted by Lieberman Software, a provider of privileged access management products. The majority would not trust cloud providers with their own personal data, either."

"The next major threat will come from a nation state taking aim at our critical national infrastructure and knocking out resources essential to life.  This will be an easy target since many of the utilities have little interest or appreciation for security.  Their systems have been fully characterized by hostile powers external to the United States and will eventually be turned off and/or damaged when the time is right."

"Lieberman Software Corporation has announced that the company has entered into a channel partner agreement with Quoinx Technologies. Quoinx is providing Lieberman Software’s identity management products to customers throughout India, helping organizations secure privileged accounts, protect sensitive data and achieve regulatory compliance."

"Half of all IT professionals aren’t buying into cloud services – and government snoopers know exactly which half, because its their fault, says a report. Suspicions of omnipotent Big Brotherly monitoring of sensitive and private cloud data is killing interest in the cloud computing sector, according to Lieberman Software."

"How to control privileged accounts." (Russian)

Yubico's hardware, which can be plugged into a card reader or USB port, has some consumer perks, according to Philip Lieberman, president of Lieberman Software. "They are the only solution that allows the consumer to program their own token, rather than depend on the vendor of the token itself."

"Often orphan accounts are left enabled because of messy provisioning processes that leave permissions so tangled with key business processes it would be a nightmare to clean up. For example, Lieberman says he's seen environments where users in IT install line of business applications using their personal account as the service account, so that the application runs all users of that application under that user account. If the employee who installed the application leaves, and the HR or IT department shuts down their account, then the line of business application goes off-line."

Fresh from inking their first joint customer win, privileged identity management vendor Lieberman and VAR Accumuli Security have struck up a European partnership. The duo recently won a deal to implement Lieberman's Enterprise Random Password Manager (ERPM) at an unnamed "large grocery retailer".

“Provided the cloud service has underlying VPN encryption and other basic security facilities, then it can often make economic sense to invest in a privileged identity management platform – with all the extra security features this offers – than going down the value-added cloud services trail,” he said.