Lieberman Software
PRIVILEGED IDENTITY MANAGEMENT NEWS LINE
  Follow us on Twitter  Follow us on LinkedIn  Blog  Lieberman Software on YouTube
May 2013       

Top of Mind

Security by Design

Philip Lieberman, President & CEO
Lieberman Software

One of my responsibilities over the years has been to guide our company’s products so that they meet the needs of clients and also to anticipate and invest in the future. My goal is to make sure that our products evolve along with the capabilities of our customers.

Something Really New and Interesting

Since 1997 we have seen our enterprise customers evolve in size with geometric growth every 4 years or so with the release of new server operating systems from Microsoft. This growth has been fueled by improvements in directory technology and virtualization with the rise of large cloud vendors and managed service providers.

Another driving force of our evolution has been the concurrent evolution of nation state cyber-warfare. Back in 1995, it was clear to many of us that the Internet was easy to attack. For all these years there has been a situation where criminals and security software companies have been fighting each other with great commercial profitability; just look at the size of the RSA show each year and the ferocious investments by venture capitalists in security companies.

However, even back in 1995 and up until recently one genie has been kept in the bottle and that is the aggressive and public use of nation state technology level attacks against businesses and our critical national infrastructure. The problem, which we all have seen coming, but hoped would not, is that commercial companies generally do not build products to protect against nation state attacks. Opponents know that.

European Identity Conference (EIC)

Last week at the EIC conference in Munich we were showing our latest version of our technology for privileged identity management (PIM) known as version 4.83.6. This is the next stage in PIM automation evolution.

The New Challenge to Solve

For a long time we have been beating the drum about how automation is the only way to get control over the privileged identities in your environment. Our assertion has always been that every step from discovery to password changes to propagation must be as automated as possible. To that end, we have been developing ever faster, deeper and more sophisticated technology.

Our philosophy is simple: cyber-warfare opponents use automation to find weaknesses in your environment. Only by employing automation for security can you find and automatically repair weaknesses faster than your opponents can find them.

The challenge we faced at the beginning of this year from one of our largest customers was: how do you build a solution to manage 500,000, 2 million, 20 million or larger systems? (To manage each cell phone, cable box, or phone/cable company router – the back-end infrastructures are huge.) There is no off-the-shelf software to manage anything that large and there are tons of companies who have deployed that number of systems as part of their businesses. So, how do you do it? More importantly, how do we do it?

Goodbye: Web Interfaces, GUIs, etc.

At massive scale deployment no company will be using a vendor’s web or GUI interface to manage security or even compliance because it is too slow, not scalable, and it will never be configurable to meet their needs or security model. Companies of this scale manage the lifecycle (discovery, generation, disclosure, change, destruction) of identities, certificates, passwords, files, configurations – all with virtually no human interaction.

We have also reached the point where privileged identity management is no longer about administrator types of accounts. Secure environments now require that all identities on all devices must be captured and managed.

All of these capabilities are now part of the latest release of Enterprise Random Password Manager via our introduction of a complete cross platform web service interface and PowerShell interface that provides a programmatic option for identity security management. You can think of it as PIM automation as a platform; but it provides programmatic storage, discovery and management with no UI needed.

I Don’t Have That Many Machines

This new technology means that if you can still use our product and its automation as-is, but if you don’t like our web interface or the platform it is running on, no problem. You can connect to the web services interface and build your own user interface in minutes. Want to do discovery, password changes, storage of certificates – from a mobile device, Linux, or mainframe? It’s easy to do in minutes just by consuming our web services. (Yes, programmatic access from Android, iPhone, Windows Phone today and in any language to consume resources, or to manage the local secrets, files or certificates on the platform.)

Orchestration

The goal of this version was to make it simple to programmatically use and manage identities and certificates within minutes to orchestrate identity management from any platform. Orchestration is the key to managing large environments and also for creating more secure environments, because essentially all the work for identity management and security is handled from within your own workflows.

The Mission

For large critical national infrastructure and defense users, there is a critical need for an open, scalable and secure security management platform from a company that believes that we need to make better tools than those used by our enemies and make them easy to deploy at scale without taking years to implement.

What do you think? Email me at: Phil@liebsoft.com. You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.
What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:
  • Cybersecurity Trends: a Q&A. For our latest installment of Q&As with Philip Lieberman, President and CEO of Lieberman Software, we’re covering recent trends in cybersecurity – state sponsored attacks, new legislation and the fastest-growing attack vector facing today’s enterprises...
  • Critical National Infrastructure Catch-22. Imagine the following scenario: You are told that the security of your company is about to be compromised, and you have the ability to stop it. You have the option of implementing appropriate IT security technology and processes, and in doing so you can save the company – and possibly people’s lives...

Partner News

Lieberman Software Partners with Odyssey Consultants to Deliver Privileged Identity Management to Southern Europe.

Odyssey Consultants will provide Lieberman Software’s privileged identity management products to large enterprise and government customers throughout southern Europe, helping these organizations secure their privileged accounts, protect access to sensitive data, and more easily meet regulatory compliance mandates. Through the company's offices in Nicosia, Cyprus and Athens, Greece, Odyssey Consultants delivers Information Security, IT Infrastructure and Risk Management solutions. Founded in 2002, the company is ISO 27001 and PCI DSS certified.

Events / Press / Analysts
  • The SCADA security challenge. Help Net Security. A study carried out at the end of 2012 by Bob Radvanovsky and Jacob Brodsky of InfraCritical, a US-based security consultancy – and conducted with assistance by the US Department of Homeland Security – found that thousands of SCADA-based systems accessible from the Internet have weak default passwords defending them.
  • A New Age in IT Security. Redmond Magazine. An alarming increase in reported cyber attacks this year is extending the onus on IT pros to once again step up efforts to protect their infrastructures. While attacks have escalated routinely over the past several decades, they've also increased in frequency, intensity and sophistication, leading to heightened awareness and concern. That's raising the bar for how businesses and government agencies need to respond.
  • Security breach? $100 says sure thing. Techday. Anybody like a gamble? A cheeky flutter on the horses maybe? Well hello, you’ve come to the right place. Techday wants to know whether you would be willing to stake $100 of your own hard-earned cash on your company NOT suffering a data breach within the next six months.

Tech Tip of the Month

Protecting Against Pass the Hash Attacks


With Lieberman Software, defending against this common attack vector doesn’t have to be reactionary.
You can prevent these attacks from ever occurring. Here's how.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.
Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
                 www.Liebsoft.com    |    (01) 310-550-8575  |   newsletter@liebsoft.com