PRIVILEGED IDENTITY MANAGEMENT NEWS LINE
November 2009

Top of Mind


Who knows? Who cares?
Philip Lieberman, Founder and CEO
Lieberman Software Corporation

In a recent conversation with staff members we discussed  the very different mindsets and responsibilities of CXO executives compared to the IT departments that they manage. 

In some organizations, the CIO/CSO works on a daily basis with the IT departments to create a well-oiled efficient and secure enterprise that gives the organization a competitive advantage and inherent business advantage. In these relationships, there is a constant two-way communication channel that selects the appropriate processes, technologies and projects for the benefit of all. Technical issues and comparisons flow in both directions, and improvement is a constant end result of the collaboration between executive management and staff.

On the flip side, we see another scenario where the CIO/CSO doesn't want to get involved in the day-to-day details of IT operations, in the global technical decisions that affect all users. In this scenario, all technical decisions, product selections, and security processes are selected by IT with no real management oversight. Inevitably these C-level executives receive failing grades from IT auditors and IT rarely implements significant improvements in security or operational capabilities. Technology or lack of funds are blamed for poor results from IT.

Unfortunately, the latter scenario is most common. We see CXOs who are responsible from a corporate and fiduciary point of view for the IT department, yet lack the technical skills or have no interest in having a hands-on role in managing IT resources. The IT staff do not have the power nor resources of the CXO, but do have the technical knowledge to implement proper solutions. In many cases, IT management fails to implement proper solutions simply because they don’t care, and/or because of the lack of corporate or fiduciary accountability (i.e. good security does not put any extra money in their pockets).

I call this: one cares but does not know, and the other knows, but does not care. All this results in a stalemate where passwords never change, there is little to no real security, there is little to no introduction of new technology, and the company suffers from an apparently incompetent and uncaring IT department. 

Perhaps the problems of IT lie in the deficiencies of management's unwillingness to engage in an intelligent ongoing dialogue with IT; and the poor showing of IT is the result of poor leadership at the top. What do you think? Write me at phil@liebsoft.com.

Lieberman Software Corporation
1900 Avenue of the Stars
Suite 425
Los Angeles, CA  90067
Liebsoft.com

(01) 310-550-8575

newsletter@liebsoft.com
 

Product Updates / Launches / Podcasts

Analysts / Press / Events
  • CIO Today, November 2009
    "User Manager Pro helps organization in all major vertical markets locate and remove rogue users, groups, and group memberships, change administrator passwords, discover and remove unauthorized shares, determine who is in the administrator group, find stale user accounts and, with Cratering, mediate virus infections - including zero-day infections that bypass conventional antivirus solutions."
  • Dark Reading, November 2009
    Lieberman Awarded Patent For Access Control Technology
    Cratering identifies and blocks malicious software from executing on client systems
  • Dark Reading, November 2009
    Thwarting SQL Injection Threats. New Dark Reading report explores what database developers and database administrators can do about the pervasive SQL injection attack.

Tech Tip of the Month

Phonetic Spelling

Remote password recovery is one of the conveniences of Enterprise Random Password Manager. But when this process involves a remote user reading the password over the phone to someone else, or when an administrator is trying to determine if, for example, a 1, l, I, or | is being displayed, misunderstandings and mistakes are often inevitable.

That’s why we've provided the privileged identity management industry’s first phonetic spelling option - to help users pronounce a password character by character.

For instance, the password EAYd|0lc would be written as ECHO ALPHA YANKEE delta Pipe Zero lima charlie. Or, in the case of the administrator trying to decipher 1, l, I, or |, those characters would be shown as one, lima, INDIA, pipe.

For more information and to activate this option, please click here.


Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy.