Lieberman Software Enhances Privileged Password Management Solution with New Secured Storage Measures and Access Control
Random Password Manager™ 4.0 is Industry’s First Password Management Solution with Hardware-Based Encryption, Also Offers Two-Factor Authentication
(Los Angeles, CA – April 28, 2008) Lieberman Software Corporation’s new Random Password Manager 4.0 is the first privileged password management product to incorporate hardware encryption, multi-factor authentication, and delegated workflow in one solution. The updated version offers comprehensive protection against unauthorized access to sensitive local passwords. The company will be exhibiting Random Password Manager 4.0 in booth 321 at Microsoft Management Summit 2008 in Las Vegas, NV this week.
IT groups at most large organizations maintain an extensive infrastructure of servers, workstations, mobile systems, databases, firewalls, and network devices, each of which are controlled with privileged passwords that provide full access on these components. Due to the large amount of such accounts, IT groups often deploy all systems with the same common password, and then leave this identical password unchanged. Larger and more complex organizations are more likely to have more people who need privileged access, increasing the probability of mistakes and deliberate attacks caused by using common local passwords.
According to Gartner Research Vice President Ant Allan, “In any organization, the use of every platform and device ultimately relies on superuser accounts, which are the most powerful in the organization. Although superuser accounts are indispensable in meeting
continuity and availability needs, unless organizations make a disciplined effort to ensure these accounts are used appropriately, they become a shortcut for lazy administrators, putting systems at risk.” 1
Random Password Manager mitigates this security threat by generating unique account credentials for every system in the network. This prevents an unauthorized user who decrypts one local password from gaining peer-level access throughout the enterprise.
However, even with conventional privileged password management, it is still possible to access local passwords through key loggers, shoulder surfing, social engineering, software debuggers, and similar attacks. The new access and control features of Random Password Manager 4.0 can eliminate these threats.
Random Password Manager 4.0 - The latest version of Random Password Manager can interface with any hardware security module (HSM) when a PKCS #11 interface library is provided. With an HSM, there is no record of keys stored in memory. Instead the keys are stored in a secure device, physically inside of a computer with encryption independently validated to FIPS 140-2 levels 2 and 3. As a result, software debuggers cannot locate and access decryption keys, allowing critical data to be compromised. Random Password Manager is the first privileged password management solution to offer hardware-based encryption.
Another upgrade in version 4.0 is two-factor authentication technology enabled by RSA SecurID®. This helps guarantee that only staff with physical possession of an RSA SecurID hardware authenticator and properly provisioned credentials can access the passwords generated and stored by Random Password Manager.
Other significant enhancements to Random Password Manager 4.0 include a delegated password workflow process, and support for Oracle and MySQL databases and OS/390 and AS400 systems.
“An effective privileged password solution must be able to manage passwords across multiple, cross-platform systems, ensure that stored passwords are continuously synchronized with the target systems, and allow delegated users to quickly retrieve these passwords on demand,” said Chris Stoneff, product manager at Lieberman Software. “However, it’s also essential that local passwords be securely stored and protected against unauthorized access. With the enhancements in version 4.0, Random Password Manager meets all of these criteria.”
Random Password Manager Specifications - Random Password Manager continuously randomizes local administrator and root account passwords on every system in the enterprise, and enables temporary recovery of current passwords via an audited web interface. The passwords are secured using AES-256 encryption in a SQL Server database, and SSL encryption of data to the browser. Random Password Manager supports Windows NT/2000/XP/Server 2003/Vista/Server 2008, Linux and UNIX servers and workstations; SQL Server and Oracle databases; and Cisco and Juniper hardware devices.
The product is certified for Microsoft Windows Server 2008 and Microsoft Windows Vista, and is RSA SecurID Ready.
Availability - Random Password Manager 4.0 is licensed by managed system and available now directly from Lieberman Software or through the company’s network of international resellers and distributors.
A free 30 day evaluation copy of Random Password Manager is available for download at www.liebsoft.com/Random_Password_Manager/.
About Lieberman Software Corporation Lieberman Software provides privileged identity management and configuration management solutions that help control the local security of the cross-platform enterprise. By automating time intensive systems administration tasks, Lieberman Software increases control over the IT infrastructure, subsequently reducing security vulnerabilities, improving productivity, minimizing system failures, and ensuring compliance. With products that simultaneously administer thousands of systems from a single console, Lieberman Software ensures that even the largest corporate, educational, and government enterprises remain managed, secure, and compliant. The company is a Microsoft Gold Certified Partner headquartered in Los Angeles, CA, with an additional office in Austin, TX. For more information, please visit www.liebsoft.com.
Gartner, Inc., “Best Practices for Managing Shared Superuser and Firecall Accounts", Ant Allan, 28 March 2008.
Product and company names herein may be trademarks of their registered owners.