Lieberman Software

PRIVILEGED IDENTITY MANAGEMENT NEWS LINE
October 2011

Top of Mind

Five Golden Rules for a Secure Cloud Migration
(Excerpt - Read the Full Article in Virtual Strategy Magazine)

Philip  Lieberman
President & CEO
Lieberman Software


Survey after survey has revealed that security is the top concern voiced by prospective customers about cloud computing and its outsourced, on-demand business model. Worries over data privacy may prove to be service providers’ greatest roadblock to new business. In addition, the risks of a data breach seem certain to grow as a service provider’s infrastructure expands and its IT staff becomes more numerous and decentralized.

So while an outsourced cloud infrastructure can be a good fit for many companies, it holds huge potential for costly disasters. And, if the outsourcer fails you could be left without the resources to repair the damage. There is little margin for error in choosing an outsourcer, as Lieberman Software found in our recent industry surveys at the annual RSA and InfoSecurity conferences held earlier this year. Our survey revealed that 77 percent of IT professionals said that their outsourcers had made up work simply to earn extra money.

Here are my five golden rules to ensure your outsourcing lifeboat doesn’t sink mid-stream:

1. Make a Transition Plan and Stick to It

2. Get Your Outsourcing Plan in Writing

3. Demand Transparency with Respect to
   Security


4. Know Their Financial Status, Compliance
   Standards, History, and Audit Points


5. Find Experts in the Areas You Need

Those are our five golden rules. But remember - our position is that outsourcing as a means solely to reduce costs is a fraud since these cost reductions are achieved by gutting the organization of its talent and providing its customers with the poorest possible support at the lowest cost.

Ultimately outsourcing for cost savings alone leaves a company weak and ill prepared to respond to emerging threats and opportunities. On the other hand, outsourcing to provide unique talent that is otherwise unavailable or impossible to train can provide your company with distinct competitive advantages. Outsource when there’s expertise to be gained (through contracting of specialists), not lost (through abandonment of loyal staff).

Happy outsourcing!

What do you think?

Email me at: phil@liebsoft.com
. You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.

 
What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:
  • HP Protect 2011: What you should have seen coming…
    The seventh annual HP Protect 2011security and compliance conference in Washington D.C. bills itself as the single largest summit of security and compliance professionals, experts, architects and gurus under one roof...
  • 5 Ways to Avoid Being the Next Security Headline. It’s been an active season for criminal hackers, rogue IT administrators and others with vindictive motives and the ability to exploit weak and outdated security systems. Let’s recap with a look at just a few of the security fiascos we’ve seen in recent months...

Events / Press / Analysts
  • Will NFC make the mobile wallet work? BBC News. Phil Lieberman, head of IT security specialists Lieberman Software, believes the technology poses a significant security risk to consumers. "I think it's insane. How's that for vague?" he says.
  • Betfair loses data on more than three million customers to hackers. InfoSecurity. The brutal reality is that a multi-million pound betting exchange, with operations in several countries, processing millions of transactions every single day, was clearly hacked by Far Eastern cybercriminals, despite the fact that the exchange had claimed previously that its security systems – as required by multiple regulatory authorities – were up to scratch.
  • Two Factor Authentication: SMS vs. Tokens. eSecurityPlanet. It’s really a toss-up with no right answer. SMS-based authentication is technically inferior to hard tokens in that the transmission could theoretically be intercepted and used by an intruder. In practice, the SMS method is superior since the organization does not have to worry about token distribution or lost tokens and this is a less expensive and generally a more easily deployed methodology. Most of the cost and complexity of hard tokens revolves around configuration and distribution.
  Follow us on Twitter!


Tech Tip of the Month

Manage All Windows Tasks Centrally

The built-in Windows Task Scheduler is a great tool for automating recurring tasks on Windows hosts. However, it does lack a centralized way to add, remove and edit scheduled tasks, and update supporting files, on multiple systems simultaneously. Fortunately our Task Scheduler Pro tool can do all this and more. Here’s how.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.
Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
                 Liebsoft.com    |    (01) 310-550-8575  |   newsletter@liebsoft.com