Lieberman Software Randomizes Remote Access

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

<p><strong>Los Angeles &mdash; Nov. 19</strong><br />Lieberman Software&rsquo;s Random Password Manager can now secure Cisco IOS network devices by randomizing the passwords of their remote access accounts. The company made the announcement at the Gartner Identity and Access Management Summit, where Lieberman Software is a Silver Sponsor and an exhibitor.<br /><br />&ldquo;Most organizations that have a distributed architecture of Cisco routers and firewalls set all of the remote access accounts to the same username and password,&rdquo; said Chris Stoneff, product manager at Lieberman Software. &ldquo;By not maintaining frequently updated, unique credentials, these organizations are at risk from disgruntled current or former IT employees, as well as anyone with physical access to a Cisco device who can extract the common password using tools that are readily available on the Internet. Security best practices dictate that each Cisco device should be set to a unique set of credentials, and that these credentials should be changed immediately after the current set has been disclosed.&rdquo;<br /><br />Random Password Manager is a stand-alone application that periodically verifies the current built-in password on servers, workstations, databases and network devices, and changes it to a new, cryptographically complex and unique value. By randomizing account passwords on Cisco routers and firewalls, the product prevents an unauthorized user from compromising one password and gaining full access to every network device.<br /><br />According to Gartner, &ldquo;Shared accounts with superuser privileges or other high-level access pose a significant risk in all organizations. High risk stems from passwords becoming known to others, as well as the lack of individual accountability.&rdquo;<br /><br />Random Password Manager can remotely set every Cisco IOS device to a different password and can recover the current password for each device using a secure Web interface. After a temporary period of time the recovered password is automatically checked back in and re-randomized. This is accomplished without requiring the time-consuming creation of complex scripts, which are limited by a lack of support, documentation, troubleshooting and reporting capabilities. </p>

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|