Risk
5/16/2009
09:24 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Lieberman, Microsoft System Center Ensure Compliance

Enterprise Random Password Manager and Random Password Manager integrate with Microsoft System Center to securely manage privileged accounts

LOS ANGELES, May 13, 2009 --Lieberman Software's privileged account password management packages for Microsoft System Center Configuration Manager and Microsoft System Center Operations Manager enable enterprise organizations to meet the stringent password update and identity management standards of regulatory compliance regulations.

Administrative, super user, root, fire call, and other privileged accounts are pervasive in any organization. More numerous than personal passwords, these "keys to the kingdom" grant access to programs and files containing an organization's most sensitive data. If they are not properly protected and managed, they represent a significant security and compliance risk to the organization via sabotage or theft of proprietary information. Security compliance regulations " such as Sarbanes-Oxley, PCI DSS, HIPAA and NERC/FERC " call for frequent changes to privileged account passwords to prevent unauthorized personnel from being able to access mission-critical systems. "IT auditors recognize that unmonitored, uncontrolled access to privileged accounts leaves an organization wide open to data theft, privacy breaches, and fraud and must be properly secured and managed," said Chris Stoneff, product manager at Lieberman Software. "By integrating our privileged identity management solutions Enterprise Random Password Manager and Random Password Manager into the GUI shell of System Center Operations Manager and System Center Configuration Manager, access to privileged accounts is secure and easily managed from a centralized console."

System Center Integration Lieberman Software products integrate seamlessly with System Center Operations Manager to alert administrators to what users and the Help Desk are doing with privileged accounts from a single console. The integrations address critical security information event management (SIEM) issues.

Enterprise Random Password Manager and Random Password Manager feed events to Systems Center based on password change, password verification, and password check-in/check-out job results. These events can be used by customers to automatically open and close trouble tickets based on end-user behavior and system responses to password management tasks. This allows Systems Center to take immediate action should the system encounter security misuse or operational readiness issues.

In addition, by enabling Enterprise Random Password Manager and Random Password Manager to be managed and monitored by System Center Operations Manager through a management pack provided by Lieberman Software, mutual customers can meet the burden of regulatory compliance by:

  • Receiving real-time security events and alerts should external factors, such as network or database problems, cause disruptions to regulatory-based Service Level Agreements (SLA) requirements.
  • Automatically changing local, domain, and service account passwords on every system in the enterprise at regular intervals.
  • Creating an audit trail of privileged account password changes.
  • Maintaining strict, delegated controls for users with privileged account access.
  • Automatically managing the RunAs credentials within System Center. The announcement was made at Microsoft Tech-Ed 2009 where Lieberman Software is exhibiting in booth 217.

    To learn more about Enterprise Random Password Manager, Random Password Manager and other innovative solutions; visit www.liebsoft.com or call 1-800-829-6263.

    About Lieberman Software Corporation Lieberman Software provides privileged identity management and configuration management solutions that help control the local security of the cross-platform enterprise. By automating time intensive systems administration tasks, Lieberman Software increases control over the IT infrastructure, subsequently reducing security vulnerabilities, improving productivity, minimizing system failures, and ensuring compliance. Since 1994 Lieberman Software has been providing solutions which ensure that the largest corporate, education, and government enterprises remain managed, secure, and compliant. The company is a managed Microsoft Gold Certified Partner headquartered in Los Angeles, CA. For more information, see www.liebsoft.com.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    Partner Perspectives
    What's This?
    In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

    As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
    Featured Writers
    White Papers
    Cartoon
    Current Issue
    Dark Reading's October Tech Digest
    Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
    Flash Poll
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2014-3409
    Published: 2014-10-25
    The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID CSCuq93406.

    CVE-2014-4620
    Published: 2014-10-25
    The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, which allows local users to obtain sensitive information by reading these files.

    CVE-2014-4623
    Published: 2014-10-25
    EMC Avamar 6.0.x, 6.1.x, and 7.0.x in Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE), when Password Hardening before 2.0.0.4 is enabled, uses UNIX DES crypt for password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force a...

    CVE-2014-4624
    Published: 2014-10-25
    EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x through 7.0.2-43 do not require authentication for Java API calls, which allows remote attackers to discover grid MCUser and GSAN passwords via a crafted call.

    CVE-2014-6151
    Published: 2014-10-25
    CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

    Best of the Web
    Dark Reading Radio
    Archived Dark Reading Radio
    Follow Dark Reading editors into the field as they talk with noted experts from the security world.