A new generation of regulatory compliance rules mandates the use of multi-factor authentication to ensure that only authorized IT staff are able to access an organizationâs powerful privileged accounts.
Trustworthy authentication is especially crucial when it comes to the identities of privileged users such as IT administrators, application developers and others who login to computers, applications and appliances with elevated, âsuper-userâ credentials. According to SANS Institute, âthe misuse of administrator privileges is the number one method for attackers to spread inside a target enterprise.â
Lieberman Software Corporation is responding to the need for reliable multi-factor authentication by upgrading the latest versions of its Enterprise Random Password Managerâ¢ (ERPM) and Random Password Managerâ¢ (RPM) products with native support for the Yubico token, YubiKeyÂ®. Lieberman Software provides products that actively discover and manage privileged identities used in government and commercial enterprises.
Until the recent RSA SecurIDÂ® token breach Lieberman Software products supported only The RSA SecurID product line for multifactor authentication. Following the RSA token breach, the company began seeking alternative multifactor solutions that are not subject to the RSA vulnerabilities.
âRSA SecurID was the âgold standardâ when it came to multi-factor authentication and since it was the trusted supplier for most of our clients, we quickly and comprehensively supported it,â said Philip Lieberman, President and CEO of Lieberman Software. âAfter the RSA SecurID breach we received calls from customers demanding alternatives to SecurID. We then joined OATH and began collaborating with Yubico to support not only the OATH token standard, but also Yubicoâs token known as the YubiKey.â
New Reconfigurable Tokens
Lieberman Software chose to partner with Yubico because its tokens can be re-seeded at will by authorized IT administrators. User-controlled re-seeding eliminates the reliance on token vendors to reissue compromised tokens. This capability means that customers control the critical part of their security product supply chain by programming their own tokens with secrets that are only known the customer and not the vendor of the token; this eliminates the core vulnerability that came to light with the recent RSA SecurID compromise.
âThe RSA Security breach demonstrates how critical it is for enterprises to keep their options open when it comes to multi-factor authentication,â Lieberman said. âBy partnering with Yubico and providing multi-factor authentication that lets customers quickly configure their tokens on-the-fly as needed, weâre helping our common customers better protect their IT resources and stay one step ahead of emerging threats.â
"Yubico is pleased to partner with Lieberman Software," said Stina EhrensvÃ¤rd, CEO and Founder of Yubico. âYubiKey in conjunction with Lieberman Softwareâs privileged identity management products offers high security and a great user experience for enterprise password management.â