Lieberman Software

September 2010

Top of Mind

Who's Watching the Watchers?

Philip  Lieberman
President & CEO
Lieberman Software

Inside your data center it’s the system administrators, DB admins, and IT managers who hold all the power — controlling everything from employee access to the confidentiality of private customer data. So much power in the hands of a few individuals ought to be a scary prospect to organizations that depend upon IT to keep the business running and data secure.

The simple truth is that today virtually all IT staff enjoy anonymous, unaudited, 24/7 access to your data center applications, computers, and appliances through use of privileged account credentials. More IT auditors are beginning to notice that this lack of accountability has brought organizations out of compliance with key industry mandates — SOX, PCI-DSS, HIPAA, and others. The bad guys have also taken notice, exploiting these all-powerful and often poorly secured credentials in many of the latest, headline-grabbing breaches that include the attacks on Google and other U.S. technology firms.

Organizations that are looking to advance IT governance and stay compliant should ask these four questions…

Read the rest of Best Practices for Watching the Watchers in Enterprise Systems Journal.

Having worked with many organizations over the years, I've realized that shared passwords, seldom changed privileged credentials, and employees with too much access and too little accountability are the rule rather than the exception. The outcome is never good: embarrassing security breaches and costly IT audit failures. 

What do you think? Email me at:


Tech Tip of the Month

Move All Except

Group policy is great for defining which users should be members of which groups. However, it lacks the granularity sometimes needed to map specific group memberships to individual users. But User Manager Pro Suite has no such limitations. Learn more.

Featured Whitepaper

Privileged Identity Management: An Executive Overview

This fast-paced overview gives you all the facts you should know about privileged identities. You’ll learn real-world business drivers for taking control of privileged access, implementation best practices, and how different management approaches can deliver different results.

   Follow us on Twitter!

Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067    |     (01) 310-550-8575

Customer Snapshot: Wings Financial

Founded in 1938, Wings Financial serves 126,000 members from 130 air transportation companies worldwide, including 54 airlines. Wings also serves people throughout the 13 county Twin Cities metropolitan area. Wings ranks among the top 50 credit unions by asset size out of more than 8,000 credit unions in the United States.

The Situation: Without a reliable and automated method to regularly locate and change its privileged account passwords, Wings Financial was burdened with IT workload issues and increased security risks.

The Solution: Enterprise Random Password Manager was deployed in the credit union’s enterprise to track, update and store privileged account passwords.

The Result: Wings Financial increased IT staff productivity, secured access to its sensitive financial data, and proved compliance with regulatory password change requirements.

Click here to read the detailed case study.

What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:

  • Despite Recent Updates, PCI DSS Security Flaws Remain
    Last month’s announcement of Payment Card Industry Data Security Standard 2.0 (PCI-DSS v. 2.0) created a flurry of news reports in the IT media, but in reality changed little about the way that businesses guard sensitive cardholder information on their networks...

Events / Press / Analysts
  • As the Oracle Ecosphere Evolves, So Do Its Participants. Database Trends and Applications. "Going into 2010, we're repeatedly witnessing pervasive bad behaviors with respect to database security," says Phil Lieberman, CEO of Lieberman Software, a provider of enterprise security and privileged identity management solutions and long-time Oracle partner. Examples include "Common and unchanged DBA accounts being used by multiple administrators, with no ability to audit the actions performed by the database administrators, and unchanged application to database account credentials."
  • 5 Reasons Why Privileged Identity Management Implementations Fail. Virtual Strategy Magazine. "... many organizations seem to grasp too late that implementing a privileged identity management solution is too important a process to delegate to a rubber-stamp RFP or a battle of vendor check boxes. If handled correctly your implementation can enable you to close critical security loopholes; help make staff members accountable for actions that impact IT service and data security; and lower the cost of regulatory compliance."
  • Aquion gains password management vendor. ARN. With a focus on governance, risk and compliance products, Aquion was looking for a password management offering for the enterprise market. This led to the company approaching Lieberman Software, which provides identity management software.
  • Outsmart Hospitality Hackers. Hospitality Technology. It's official; 2009 was the year of data breaches in hospitality. Find out how Lieberman Software helps prevent these breaches and more.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.