Lieberman Software and Yubico partner to deliver stronger security in the wake of RSA token breach
London - 25 July 2011
Partnership Provides Improved Countermeasures against Threats like Token Breaches, Key Logging, Social Engineering and Other Attacks.
A new generation of regulatory compliance rules mandates the use of multi-factor authentication to ensure that only authorized IT staff are able to access an organization’s powerful privileged accounts.
Trustworthy authentication is especially crucial when it comes to the identities of privileged users such as IT administrators, application developers and others who login to computers, applications and appliances with elevated, “super-user” credentials. According to SANS Institute, “the misuse of administrator privileges is the number one method for attackers to spread inside a target enterprise.”
Lieberman Software Corporation is responding to the need for reliable multi-factor authentication by upgrading the latest versions of its Enterprise Random Password Manager™ (ERPM) and Random Password Manager™ (RPM) products with native support for the Yubico token, YubiKey®. Lieberman Software provides products that actively discover and manage privileged identities used in government and commercial enterprises.
Until the recent RSA SecurID® token breach Lieberman Software products supported only The RSA SecurID product line for multifactor authentication. Following the RSA token breach, the company began seeking alternative multifactor solutions that are not subject to the RSA vulnerabilities.
“RSA SecurID was the ‘gold standard’ when it came to multi-factor authentication and since it was the trusted supplier for most of our clients, we quickly and comprehensively supported it,” said Philip Lieberman, President and CEO of Lieberman Software. “After the RSA SecurID breach we received calls from customers demanding alternatives to SecurID. We then joined OATH and began collaborating with Yubico to support not only the OATH token standard, but also Yubico’s token known as the YubiKey.”
New Reconfigurable Tokens
Lieberman Software chose to partner with Yubico because its tokens can be re-seeded at will by authorized IT administrators. User-controlled re-seeding eliminates the reliance on token vendors to reissue compromised tokens. This capability means that customers control the critical part of their security product supply chain by programming their own tokens with secrets that are only known the customer and not the vendor of the token; this eliminates the core vulnerability that came to light with the recent RSA SecurID compromise.
“The RSA Security breach demonstrates how critical it is for enterprises to keep their options open when it comes to multi-factor authentication,” Lieberman said. “By partnering with Yubico and providing multi-factor authentication that lets customers quickly configure their tokens on-the-fly as needed, we’re helping our common customers better protect their IT resources and stay one step ahead of emerging threats.”
"Yubico is pleased to partner with Lieberman Software," said Stina Ehrensvärd, CEO and Founder of Yubico. “YubiKey in conjunction with Lieberman Software’s privileged identity management products offers high security and a great user experience for enterprise password management.”