Lieberman Software Unveils Privileged Password Management Platform
BackBy —<strong>Orlando, Fla. </strong><br />In response to threats posed by decrypted local passwords leading to peer-level network access and the difficulty in thoroughly and rapidly updating every system with unique credentials, Lieberman Software Corp. announced the availability of Enterprise Random Password Manager. <br />Recent high-profile security breaches, such as the TJX Cos. attack, highlight the serious consequences that can result when sensitive administrator or root passwords are accessed by unauthorized sources.<br /> <br />Enterprise Random Password Manager was developed to automatically discover and update all privileged password account use throughout the enterprise. It continuously randomizes all local passwords and updates every place where the credentials are referenced, such as services, tasks and objects. <br /> <br />“The problem with most password management solutions is that they reactively change only the local passwords that are identified by the IT group,” said Chris Stoneff, product manager at Lieberman Software. “This method is not inclusive of all the places that privileged passwords are used in the enterprise, leading to account lockouts as applications persist in referencing obsolete credentials. The Enterprise Random Password Manager strategy is to manage and update the privileged passwords and also all of the objects in the enterprise that use these privileged credentials.” <br /> <br />As a result of recent data breaches such as this year’s Societe Generale incident that led to billions of dollars in losses, the security of privileged administrator and root passwords is becoming a critical business concern. Gartner estimates that shared account password management tools will be used by more than 50 percent of large enterprises by year-end 2010 to manage passwords for shared accounts.<br /> <br />Much of the push to adopt privileged password management solutions into the enterprise stems from regulatory compliance initiatives — including Sarbanes-Oxley, PCI and HIPAA — that mandate frequent changes to administrator and root passwords. Large organizations maintain an extensive infrastructure of systems that are controlled with privileged passwords. Enterprises are compelled by government regulations to change these domain administrator accounts on a regular basis. <br /> <br />Even when these passwords are frequently updated, a potential problem remains. The change could imperil the operation of the infrastructure and result in a cascaded failure of systems due to lockouts caused by missed accounts. <br /> <br />Enterprise Random Password Manager resolves these issues by identifying and enumerating every location in the enterprise where every account is used and then automatically propagating password changes to these locations.<br /> <br />“Lieberman Software is the originator of local account management and service account management solutions, dating back to 1999,” said Philip Lieberman, president of Lieberman Software. “Enterprise Random Password Manager builds on this strong foundation of managing the accounts stored on local machines, but it also extends the technology to all of the domain-level process accounts that control systems. It provides organizations with the ability to comprehensively manage critical privileged passwords, achieve security best practices and comply with regulatory mandates.”<br /> <br /><strong>Enterprise Random Password Manager</strong><br />Enterprise Random Password Manager automatically identifies, updates, stores and recovers privileged passwords. It regularly creates unique, complex local passwords for each system in the enterprise and then propagates the password changes to all of the services, tasks and objects that use the credentials. <br /> <br />Enterprise Random Password Manager operates by comprehensively searching the network and enumerating every place where privileged passwords are used. When all of the passwords have been identified, the product changes them in Active Directory and then propagates the changes to the applications and objects that reference those passwords.<br /> <br />A delegated Web interface allows authorized users to temporarily retrieve passwords stored in an AES-256 encrypted, SQL Server data vault. Optional hardware-based encryption at FIPS 140-2 levels 2 and 3 is also offered. Enterprise Random Password Manager supports Windows, Linux, UNIX, SQL Server, MySQL, Oracle and Cisco IOS accounts, and logs all password operations, including changes, recoveries and log-ons.<br />
Viewed 6118 times.