Page 126 - CDM-Cyber-Warnings-March-2014
Password Manager Pro, the industry-leading enterprise privileged password management solution, now supports SAML 2.0 to enable integration with federated identity management solutions for single sign-on. Other enhancements to Password Manager Pro include secure SSH/Telnet access to remote devices in data centers (via the provision to configure jump servers).

STEALTHbits Technologies

I hung out with these guys for a bit and they told me that RSA Conference 2014 was a big success on the two fronts where STEALTHbits wanted the most exposure: customer conversations and new partners to use as routes to market. Their success selling unstructured data capabilities in the identity governance market through the leading vendors in that space will clearly continue as they seemed to draw a crowd of interested customer opportunities.

I believe that the conference was a pivotal point for validating the strength of the data access governance market. Not only were there double the number of vendors on the floor talking about solving these problems, the biggest company in the space had a hugely successful IPO on the Friday of the RSA Conference week. Their open architectural approach - which allows them to sell directly to customers or as a part of a larger governance framework - will continue to differentiate them as the competition heats up. Security is not an unexplored “green field.” I concur with their assessment that the player that can fit easily into a larger playing field of solutions will be the ultimate victor.

One thing that surprised me was how much conversation I overheard at their booth about open shares; access granted to everyone in an organization. You would think that at a security-themed show this would be old news. But many of the people they spoke to were extremely interested in how they could tell them where their open shares were, who had access to them, how that access was being granted, and what sort of activity was going on with data shared there.
Keep an eye on these guys; they are an interesting player in an important category.

Lieberman Software

In their presentation at RSA they discussed the general assumption that password and certificate maximum age standards for compliance are now irrelevant. We now see password ages for privileged accounts limited to hours rather than the conventional 30 to 90 days maximum. In the case of certificate lifetimes of years or decades, we are now seeing certificate lifetimes in minutes to days. In both cases, there is a realization that privileged credentials and the components for encryption are being captured, and the goal is to limit the value of compromised credentials.

The general wisdom of a defense being 100% effective has come to an end. We see the realization of a new reality where at least one or more systems within their environment are compromised, and now the job of IT Security is to minimize damage, discover and neutralize intruders after they have entered the environment.

In our discussions, Lieberman Software’s CEO discussed how Target’s breach was also a common wakeup call for many at the conference confirming that even at the largest companies in the world, the basics of simply having different random passwords on each device and server