Lieberman Software

PRIVILEGED IDENTITY MANAGEMENT NEWS LINE
 
February 2012

Top of Mind

A Picture is Worth…

Philip Lieberman, President & CEO
Lieberman Software

About two years ago Lawrence Pingree of Gartner and I had a great conversation at the RSA show in San Francisco about our products and about the huge amount of security and configuration data we collect and show. Mr. Pingree challenged us to unlock this treasure trove of information for customers by providing flexible access to the data in a variety of formats besides columnar reports.

That single conversation at our booth sparked a development effort over the last two years to create a new dashboard and visualization system for our privileged identity management products that we will be showing at the 2012 RSA show.

History

With version 4.83.3 of Enterprise/Random Password Manager (E/RPM) we started exposing more and more of the internal data we collect on platforms, accounts and internal configuration information. This new data appears as new columns of data and we have added a “Details” button to make available additional views of data/systems. We have also been adding more data into existing columns to show items such as completion success percentages, time taken per job, and other data.

Next Version

Starting with version 4.83.4 we are adding graphical rendering of data in dashboard format, via interactive ad-hoc configurable graphs. These dashboard panels and interactive graphs will support both 2D and 3D renderings. We’ve also provided a rich range of graphing and scaling options, and a broad palette of color schemes to help highlight a lot of interesting data. Most of the graphs support immediate drill down into the supporting columnar data used to produce the graph elements.

What We Learned

As we developed the dashboards and visualizations we started to realize that every graph we created increased the demand for even more graphs as we started asking “what if we could see…?” For example, we support a scalable architecture for distributed processing of jobs, but we never had a way of graphing the utilization of these zone processors. Similarly, if we had jobs that were taking too long, these would tend to get lost in the columnar data of jobs. By implementing a graphical representation of past jobs, we were able to see which jobs were impacting the completion time of others.

In a similar vein, we started graphing what users were doing, which accounts were most active, and all kinds of regular operational data that immediately allowed us to find issues with users, systems, and behavior almost instantaneously.

It is really amazing how the human mind can instantly see patterns in data when represented as graphs. In some cases, the 3D representation combined with logarithmic scaling can find very important low frequency events that would be impossible to see in data tables.

Exciting Future or Just Eye Candy?

I have to admit that many of the development team members were skeptical about spending time on “eye candy” for customers instead of making better and stronger plumbing (our historical role). Once we started grinding through the masses of data and putting them into graphical form, everybody on the development team got more and more excited about the inherent value that visual data can provide.

As part of this new module’s creation, we found that grinding down gigabytes of data into graphs on demand in a reasonable amount of time (less than 30 seconds) turned out to be just as challenging as changing passwords on 500,000 systems in less than an hour. As it turns out, the computer science behind creating useful graphics based on tremendously large data sets is also a fun challenge that we have met.

The new reporting graphs do not concentrate on specific compliance scenarios (no phony graph of PCI/HIPAA/FISMA compliance: it is green so we must be good), but rather on the reporting of true security metrics (coverage, count, depth) and providing the ability to drill down to the data to prove coverage and proactive controls.

Thank You, Mr. Pingree!

When we exhibit at tradeshows we are obviously there to introduce our solutions to new customers as well as to meet existing customers. Every once in a while we meet with a customer or analyst who challenges us to do even better. I am happy to say that at RSA 2012 we have something that shows how we can do privileged identity management even better.

Stop by RSA 2012 in San Francisco

Stop by our booth at RSA in San Francisco from February 27 – March 2, 2012 at booth #341 to see our full range of IT administrator tools as well as our privileged identity management solutions.

Don’t forget to ask for a sneak peek at our new dashboards and visualizations for privileged identity management that will be appearing in the next version of E/RPM.

Beta Testers Needed

If you are an existing customer of E/RPM and are interested in beta testing the latest version of E/RPM before its release (including dashboards and visualizations), please send a request to support@liebsoft.com and ask to receive access to the E/RPM 4.83.4 beta.

What do you think? Email me at: phil@liebsoft.com. You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.
 

Tech Tip of the Month

Push and Run with User Manager Pro Suite

Need an easy way to run a one-time or recurring program or script across many Windows machines? User Manager Pro’s Push and Run lets you do just that.
 
Customer Snapshot: Wesco

Founded in 1952, Wesco is a family-owned and operated chain of 51 convenience stores based in Muskegon, Michigan.

The Situation: To comply with PCI-DSS regulatory mandates and achieve security best practices, Wesco needed to regularly update administrator passwords and document the changes.

The Solution: Lieberman Software’s User Manager Pro Suite (UMPS) and Task Scheduler Pro were deployed to all sites in the Wesco network.

The Result: Windows administrator passwords are automatically changed every 90 days, and all changes are audited.

“UMPS sends the new passwords to all of our stores, updates all of our systems and, in literally a minute, it’s done. Later, I can show our PCI auditor reports of all the password changes that we’ve implemented.”




What's New in Identity Week

Featured commentary on our Identity Week blog this month includes:
  • Do you want to know “who did what” on your servers? Guest Commentary by Gábor Marosvári, Product Marketing Manager, BalaBit IT Security. There’s plenty of proof that controlling privileged access and tracking the actions taken by privileged users are both crucial elements of a secure enterprise...
  • Technology Job Creation and the Presidential Primaries. The Republican presidential primaries are in full swing and former Massachusetts governor Mitt Romney, having just won the Florida primary, is the current frontrunner with a focus on job creation. I was recently asked what the prognosis is for U.S. technology jobs now that China has surpassed the United States in technology job creation...

Events / Press / Analysts
  • The ultimate guide to passwords. PC Pro. The problem is that passwords are a vulnerable means of protecting anything. A recent survey into corporate password usage by Lieberman Software revealed that 51% of those questioned had ten or more passwords to remember, and 42% admitted to actively sharing passwords.
  • Bring your own device to work could mean losing data. BodyShop Magazine. It’s simple - employees can find their personal email wiped by their employer either purposely, to safeguard their systems, or by mistake, if the software treats the alien device as a lost one and wipes its data just to make sure. Similarly, information stored on an SD card may or may not be wiped via the remote device kill. There are no guarantees for employees or employers with regard to the protection of personal employee information or employer data.
  • 2012 Prediction: HyTrust. Virtual Strategy Magazine. Insider threats backed by malicious intent, and the risks associated with insider breaches will grow in 2012. Because they occur within the network and by privileged users – such as employees, contractors or partners – organizations will have a hard time battling insider threats with traditional security measures that detect attacks from the outside.
  • Passphrases A Viable Alternative To Passwords? Dark Reading. By having the phrase go beyond 14 characters in length makes hash lookups very expensive. Fundamentally there are very few long English single words that are memorable, but a phrase or sentence is easy to create and remember that goes beyond the 14 or so characters in length.

Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
Liebsoft.com | (01) 310-550-8575 | newsletter@liebsoft.com