Lieberman Enhances Password Management Solution With Secured Storage Measures and Access Control

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

<p><strong>Los Angeles &mdash; April 28</strong><br />Lieberman Software Corp.&rsquo;s new Random Password Manager 4.0 is the first privileged password management product to incorporate hardware encryption, multifactor authentication and delegated workflow in one solution. The updated version offers comprehensive protection against unauthorized access to sensitive local passwords. <br /> <br />IT groups at most large organizations maintain an extensive infrastructure of servers, workstations, mobile systems, databases, firewalls and network devices, each of which are controlled with privileged passwords that provide full access on these components. Due to the large amount of such accounts, IT groups often deploy all systems with the same common password and then leave this identical password unchanged. Larger and more complex organizations are more likely to have more people who need privileged access, increasing the probability of mistakes and deliberate attacks caused by using common local passwords. <br /> <br />According to Gartner Research Vice President Ant Allan, &ldquo;In any organization, the use of every platform and device ultimately relies on super-user accounts, which are the most powerful in the organization. Although super-user accounts are indispensable in meeting continuity and availability needs, unless organizations make a disciplined effort to ensure these accounts are used appropriately, they become a shortcut for lazy administrators, putting systems at risk.&rdquo; <br /> <br />Random Password Manager mitigates this security threat by generating unique account credentials for every system in the network. This prevents an unauthorized user who decrypts one local password from gaining peer-level access throughout the enterprise. <br /> <br />However, even with conventional privileged password management, it is still possible to access local passwords through keyloggers, shoulder surfing, social engineering, software debuggers and similar attacks. The new access and control features of Random Password Manager 4.0 can eliminate these threats. <br /> <br /><strong>Random Password Manager 4.0 </strong><br />The latest version of Random Password Manager can interface with any hardware security module (HSM) when a PKCS #11 interface library is provided. With an HSM, there is no record of keys stored in memory. Instead the keys are stored in a secure device, physically inside of a computer with encryption independently validated to FIPS 140-2 levels 2 and 3. As a result, software debuggers cannot locate and access decryption keys, allowing critical data to be compromised. Random Password Manager is the first privileged password management solution to offer hardware-based encryption.<br /> <br />Another upgrade in version 4.0 is two-factor authentication technology enabled by RSA SecurID. This helps guarantee only staff with physical possession of an RSA SecurID hardware authenticator and properly provisioned credentials can access the passwords generated and stored by Random Password Manager. <br /><br />Other significant enhancements to Random Password Manager 4.0 include a delegated password workflow process and support for Oracle and MySQL databases and OS/390 and AS400 systems.</p><p>&ldquo;An effective privileged password solution must be able to manage passwords across multiple, cross-platform systems, ensure that stored passwords are continuously synchronized with the target systems and allow delegated users to quickly retrieve these passwords on demand,&rdquo; said Chris Stoneff, product manager at Lieberman Software. &ldquo;However, it&rsquo;s also essential that local passwords be securely stored and protected against unauthorized access. With the enhancements in version 4.0, Random Password Manager meets all of these criteria.&rdquo;<br /> <br /><strong>Random Password Manager Specifications</strong><br />Random Password Manager continuously randomizes local administrator and root account passwords on every system in the enterprise and enables temporary recovery of current passwords via an audited Web interface. The passwords are secured using AES-256 encryption in a SQL Server database and SSL encryption of data to the browser. Random Password Manager supports Windows NT/2000/XP/Server 2003/Vista/Server 2008, Linux and UNIX servers and workstations, SQL Server and Oracle databases and Cisco and Juniper hardware devices. <br /> <br />The product is certified for Microsoft Windows Server 2008 and Microsoft Windows Vista and is RSA SecurID Ready. <br /><br />Random Password Manager 4.0 is licensed by managed system and available now directly from Lieberman Software or through the company&rsquo;s network of international resellers and distributors. <br /> <br />A free 30-day evaluation copy of Random Password Manager is available for download. </p>

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|