Lieberman Software
PRIVILEGED IDENTITY MANAGEMENT NEWS LINE
 
Follow us on Twitter  Follow us on LinkedIn  Blog  Lieberman Software on YouTube                                                                                                                                                             June 2012

Top of Mind

Our Best Product Philosophy

Philip  Lieberman
President & CEO
Lieberman Software

I have always believed that the phrase “Jack of all trades, master of none” was the best way to describe many of the solutions our competitors have created to compete with us. There seems to be an all out race to get as many checkboxes on an RFP as possible irrespective of the quality of the capabilities in the product in the real world. 

If anything, with our VC-fed competitors, there seems to be little appetite for trying out new ideas or for pushing the state of the art in identity management or information technology.  How boring is that? And, what a waste of time and money!

What We Have Been Doing and With Whom

Over the last 6 months we have been working with our major accounts and partners to create a new reality in identity management whereby customers and their regulators can get a much better understanding and a positive verified control that works against all identities. 

As with anything revolutionary, the ease of getting a new release of a product with major new technology out the door can be viewed as a receding horizon problem.  Just as you think you are ready to ship, something comes up (new feature, testing, scalability, etc.), that should “only delay the build for a few days…” 

From a CEO’s perspective, the release of a new version of a product is a major milestone where a lot of elements converge such as bug fixes, critical feature requests, performance improvements, and – most interesting – the incorporation of new features never requested or demanded by customers.

Pushing off a release for a few days, weeks or months, is a tough decision to make, but in the big picture, what is the objective?  Is the objective to make the maximum amount of money possible, or is it to create a new and better future reality for our customers?

Creating the Future

You might ask yourself why a company would implement technology that was not part of a known customer requirement.  In fact, such development would be unconscionable for a VC funded or big software company because it has no business case… or does it?

Those of you that have met me or have seen me present are probably aware that I am a software developer and actually use and test all of our products. Yes, we have a staff, but I personally want to experience what you experience – good, bad or otherwise with our products – especially before you do.  Being hands-on, I can see what is wrong, as well as what might be possible with current and future technology.

Consequently, as we are putting together new versions of our products we are always saying “what if we did xyz…?” And, because we are not beholden to a board of directors and investors, we can take the time to try and implement new, cool features in our products with a few simple and compelling goals in mind:  a) to make you, our customer happy, and b) we want to provide you with real security and ever better coverage by leveraging the latest technology. The CPUs and disks in your servers may need to work a bit harder with each version of our code, but it means that you get better coverage, stronger controls, and great audit outcomes with less work on your part.

The Conundrum

As a privately held company, we have the freedom to reinvest the money you give us in R&D, development and testing of our products to enhance your experience and to better protect your systems. This strategy is exciting for us, motivating for our brilliant development staff, and a pleasure for our systems engineers and sales staff because they always have new, cool things to show you.

On the other hand, we receive calls almost every day from venture capitalists telling us that we are wasting our money on innovation and R&D, and should instead invest it exclusively in sales and marketing to generate maximum sales and earnings. 

In fact, one of our competitors said that they used to care about their customers and the success they had with their products, but are now only interested in making a buck – this is very sad and a testament to how VC funding has created a toxic environment.

A Final Postscript

Recently we were asked to comment on a melt-down at RBS/NatWest and here too we saw the repeat of a pattern that we have tried to avoid: “the right way to develop”.  In a recent conversation I had with one of our competitors, I was discussing how we work in small teams and try to innovate on short cycles using what is known as extreme programming.  Our competitor’s position was that they were much better organized and were process oriented in their development using the “proven techniques” that are now melting down RBS/NatWest.  I think I will stick with hiring really smart and talented developers in-house vs. developing code the “right way” our competitors are using (which is to outsource their development).

Releasing

We will soon be releasing Enterprise/Random Password Manger 4.83.4 which is truly an amazing piece of work by our entire team. As we like to say, this covers everything from the copper to the application, and it really does, at fantastic scale. 

It is more than a privileged identity management solution; it is a new paradigm in general identity management (but, it is a hell of a PIM solution too).

What do you think? Email me at: Phil@liebsoft.com. You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.

 
What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:
  • Beware the Long-Running `Lights Out Management Exploit.’ Internet Storm Center’s recent report about how Intel’s IPMI (Intelligent Platform Management Interface) allows hackers remote access to servers, even when the server is switched off, is an accident waiting to happen for many major corporations...

Events / Press / Analysts
  • Lieberman Software says WHMCS database hack could have been avoided. IT Analysis. The core element of this hack was social engineering, and the core element that needed addressing was the automation of identity verification. The hack points out that automated solutions are generally superior to human based solutions in that they cannot be social engineered (they can’t be told a story). If anything should be behind an automated and secured control, it would be the privileged account management so that this level of access would be not be granted without extensive verification and such access would be granted for a limited period of time and with limited scope.
  • Cyber missiles mean war without bloodshed. Los Angeles Times. What do you need to disrupt nuclear facilities of your enemy? A thumb drive. Well, that and a virulent cyber weapon such as Stuxnet that works so effectively that it takes out nothing but its target in a way that is more subtle than explosive.
  • 5 Ways You're Wasting Compliance Dollars. Dark Reading. Sure, the cost of compliance has been driven higher and higher by increased regulatory burdens over the years. But that's not all to the story. Many organizations spend more because they're wasting compliance dollars on piecemeal compliance programs, ineffective products, and expensive consultants when things go wrong.
  • Stuxnet Worm Could Turn. TechNewsWorld. It appears the U.S. may have had a considerable hand in the creation of the Stuxnet worm designed to thwart Iran's nuclear ambitions. One of the concerns surrounding such cyberwarfare strategies, though, is containment.
  • Interview: Philip Lieberman and the human factor. Computer Fraud & Security. Security is a good thing and it’s available right now. We have the technology, but its use is subject to a number of tensions and conflicts that mean it isn’t exploited properly. Philip Lieberman, founder of Lieberman Software, which specialises in privileged identity management, believes that the problem isn’t technology – it’s us.
  • Is IT Outsourcing Worth It? PCWorld. Outsourcing is the lifeblood of IT. The prevailing theory is that outsourcing saves companies money and enables them to engage a broader pool of IT skills and talent than they could in-house. However, the results from a new survey challenge that perception.

Tech Tip of the Month

Manage Windows Task Credentials

Windows Scheduled Tasks contain security credentials for the account that the task will run under, or the run as account. These Scheduled Task credentials need to be managed and rotated on a regular schedule to prevent unauthorized entry points to your Windows systems. Task Scheduler Pro lets you quickly set or rotate the run as credentials, across all the machines where a Scheduled Task exists, in one operation. Here's how.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.
Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
                 www.Liebsoft.com    |    (01) 310-550-8575  |   newsletter@liebsoft.com