Partnership Provides Improved Countermeasures against Threats like Token Breaches, Key Logging, Social Engineering and Other Attacks
London July 25th 2011 A new generation of regulatory compliance rules mandates the use of multi-factor authentication to ensure that only authorized IT staff is able to access an organization’s powerful privileged accounts.
Trustworthy authentication is especially crucial when it comes to the identities of privileged users such as IT administrators, application developers and others who login to computers, applications and appliances with elevated, “super-user” credentials. According to SANS Institute, “the misuse of administrator privileges is the number one method for attackers to spread inside a target enterprise.”1
Lieberman Software Corporation is responding to the need for reliable multi-factor authentication by upgrading the latest versions of its Enterprise Random Password Manager™ (ERPM) and Random Password Manager™ (RPM) products with native support for the Yubico token, YubiKey®. Lieberman Software provides products that actively discover and manage privileged identities used in government and commercial enterprises.
Until the recent RSA SecurID® token breach Lieberman Software products supported only The RSA SecurID product line for multifactor authentication. Following the RSA token breach, the company began seeking alternative multifactor solutions that are not subject to the RSA vulnerabilities.
“RSA SecurID was the ‘gold standard’ when it came to multi-factor authentication and since it was the trusted supplier for most of our clients, we quickly and comprehensively supported it,” said Philip Lieberman, President and CEO of Lieberman Software. “After the RSA SecurID breach we received calls from customers demanding alternatives to SecurID. We then joined OATH and began collaborating with Yubico to support not only the OATH token standard, but also Yubico’s token known as the YubiKey.”
New Reconfigurable Tokens
Lieberman Software chose to partner with Yubico because its tokens can be re-seeded at will by authorized IT administrators. User-controlled re-seeding eliminates the reliance on token vendors to reissue compromised tokens. This capability means that customers control the critical part of their security product supply chain by programming their own tokens with secrets that are only known the customer and not the vendor of the token; this eliminates the core vulnerability that came to light with the recent RSA SecurID compromise.
“The RSA Security breach demonstrates how critical it is for enterprises to keep their options open when it comes to multi-factor authentication,” Lieberman said. “By partnering with Yubico and providing multi-factor authentication that lets customers quickly configure their tokens on-the-fly as needed, we’re helping our common customers better protect their IT resources and stay one step ahead of emerging threats.”
"Yubico is pleased to partner with Lieberman Software," said Stina Ehrensvärd, CEO and Founder of Yubico. “YubiKey in conjunction with Lieberman Software’s privileged identity management products offers high security and a great user experience for enterprise password management.”
About Yubico and YubiKey
YubiKey is a USB token that provides one-time authentication either via its support of the OATH standard for event based tokens, or via its proprietary 128-bit AES encrypted key/token code generator. More cost effective than conventional tokens, YubiKey is waterproof and battery-free, and features one-button, event-based activation that eliminates synchronization faults and password entry errors.
About Lieberman Software Corporation Lieberman Software provides privileged identity management and security management solutions that protect the multi-platform enterprise. By automating time-intensive IT administration tasks, Lieberman Software increases control over the computing infrastructure, reduces security vulnerabilities, improves productivity and helps ensure regulatory compliance. As Pioneers of Privileged Identity ManagementSM Lieberman Software not only developed the first software solution to address this need, its products continue to lead the market in features and functionality. The company is headquartered in Los Angeles, CA with an office in Austin, TX and channel partners throughout the world. For more information, see www.liebsoft.com.
[1]SANS, “Critical Control 8: Controlled Use of Administrative Privileges", http://www.sans.org/critical-security-controls/control.php?id=8.
Product and company names herein may be trademarks of their registered owners.
###
For more information, please contact:
Bill Boyle
Eskenzi PR Ltd.
Tel: +44(0)20 71 832 840
Mble: +44(0)7764 786 488
This email address is being protected from spambots. You need JavaScript enabled to view it.