Volume 13, Number 7 -- March 5, 2013

Lieberman Goes Super Secret with Privileged Passwords

Published: March 5, 2013

by Alex Woodie

In old war movies, you've probably seen how, before launching a nuclear missile, the captain and his first lieutenant must turn their keys simultaneously for the launch to work. This is actually a security practice instituted by the United States Air Force and other military organizations that's called the "two man rule." Last week, security software vendor Lieberman Software launched a version of the two man rule to control the passwords for privileged user profiles.

Lieberman's flagship product, called Enterprise Random Password Manager (ERPM), is a security utility designed to discover, secure, track, and audit the use of privileged user profiles across multiple operating systems, including IBM i, Unix, z/OS, Linux, and Windows. The software continuously changes the passwords for privileged user profiles, and generates dashboards that show auditors and managers how the powerful accounts are being used.

With ERPM's implementation of the two man rule--also called double safekeeping--Lieberman is giving organizations another layer of security over their most powerful and dangerous user profiles. Under double safekeeping, a single password for a powerful user profile is split into two pieces, and distributed to two individuals. To allow that user profile to be used, each of the individuals must enter his portion of the password.

This approach bolsters the security of the user profile by eliminating the chance that a programmer or administrator will be able to log onto the system without the knowledge of anybody else, says Philip Lieberman, president and CEO of Lieberman Software.

"When implemented, ERPM's double safekeeping functionality prevents any one individual from having all of the credentials for the powerful privileged accounts that can access an organization's most sensitive data and IT resources," Lieberman says in a press release.
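The split-and-recombine flow described above can be sketched as follows. This is an added illustration, not Lieberman's ERPM code. The function names, the 62-character alphabet, and the PBKDF2 verifier are assumptions. It also computes how much of the secret a lone custodian would still have to guess.

```python
import hashlib
import hmac
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # assumed policy: 62 symbols
PBKDF2_ROUNDS = 100_000                           # assumed work factor


def generate_password(length=24):
    """Random privileged-account password, as a rotation job might produce."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def split_for_custodians(password):
    """Split one password into two portions, one per custodian."""
    mid = len(password) // 2
    return password[:mid], password[mid:]


def enroll(password, salt=None):
    """Keep only a salted verifier of the full password, never the password."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def unlock(portion_a, portion_b, salt, digest):
    """True only when both portions are supplied, in the right order."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", (portion_a + portion_b).encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


def residual_bits(portion_held, total_length):
    """Entropy in bits that one custodian must still guess to act alone."""
    return (total_length - len(portion_held)) * math.log2(len(ALPHABET))


if __name__ == "__main__":
    pw = generate_password()
    a, b = split_for_custodians(pw)
    salt, digest = enroll(pw)
    print("both custodians present:", unlock(a, b, salt, digest))
    print("custodian A alone:", unlock(a, "", salt, digest))
    print("bits A must still guess: %.1f" % residual_bits(a, len(pw)))
```

Because each custodian already knows half the characters, the full password has to be long enough that the missing half alone resists guessing.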

While double safekeeping has long been used by institutions such as the US Government to safeguard critical assets, such as nuclear weapons, the practice is not widespread in the corporate sector. However, that could soon change.

"Some regulatory compliance requirements, such as BASEL II, are now requiring organizations to store and retrieve sensitive information--including passwords--in multiple parts so that no one person can maintain key secrets individually," Lieberman says.

Lieberman made its announcement at last week's RSA Conference. For more information, see Lieberman's website at www.liebsoft.com.


Editor: Alex Woodie
Contributing Editors: Dan Burger, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Copyright © 1996-2013 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034
