For government agencies mandated to support PIV (HSPD 12), or corporate sites using smartcards/PKI certificates for authentication, these enhancements enable ERPM to identify who is logging on and to control what the user can access via digital certificates. This capability can be implemented instead of - or in conjunction with - a user name and password. If configured by an organization, the possession of a smartcard and its PIN code can be all that is necessary to securely logon to ERPM.
“We have always been staunch supporters of PKI, FIPS 201, PIV, HSPD 12 and certificates for authentication and encryption, where physical possession of the crypto device can provide a far more secure environment,” said Philip Lieberman, president and CEO of Lieberman Software. “Over the last few years we have implemented a variety of authentication and authorization mechanisms within our products to match the needs of our corporate and government users. Our integrated authentication solutions include LDAP, Kerberos, RADIUS, as well as RSA and a very rich OATH implementation for multi-factor authentication.
“Our newest version of ERPM provides a simple way to manually enroll client certificates, transparently verify certificates on smartcards, and configure rights and privileges for certificates directly within the ERPM console.”
ERPM automatically discovers privileged accounts on the network, frequently changes each account’s password to a unique value, and deploys the password changes wherever they are used in the data center. It provides the accountability of showing precisely who on the IT staff had administrative access to systems and applications with sensitive data, at what time and for what stated purpose.
Now, ERPM can use digital certificates and/or a combination of shared secrets (such as a user name and password), with the option for smartcards to both identify and authorize specific usage capabilities. When a user logs on to ERPM’s delegated web interface with the certificate authentication enabled, the browser and web site require the user to select an appropriate certificate to gain access to ERPM and to the powerful privileged account passwords managed by the software. The digital certificates can be stored on the local machine, on a USB stick or on a smartcard.
Lieberman Software is exhibiting this new functionality in booth 813 at Microsoft Tech-Ed 2012 in Orlando this week.
About Lieberman Software Corporation Lieberman Software provides privileged identity management and security management solutions to more than 1000 customers worldwide, including 40 percent of the Fortune 50. By automatically discovering and managing privileged accounts throughout the network, Lieberman Software helps secure access to sensitive systems and data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privileged identity management space, and its products continue to lead the market in features and functionality. Lieberman Software is headquartered in Los Angeles, CA with an office in Austin, TX and channel partners throughout the world. For more information, visit www.liebsoft.com.