Lieberman Software and Yubico partner to deliver stronger security in the wake of RSA token breach
July 2011 by Marc Jacob
A new generation of regulatory compliance rules mandates the use of multi-factor authentication to ensure that only authorized IT staff are able to access an organization’s powerful privileged accounts.
Trustworthy authentication is especially crucial when it comes to the identities of privileged users such as IT administrators, application developers and others who login to computers, applications and appliances with elevated, “super-user” credentials. According to SANS Institute, “the misuse of administrator privileges is the number one method for attackers to spread inside a target enterprise.”1
Lieberman Software Corporation is responding to the need for reliable multi-factor authentication by upgrading the latest versions of its Enterprise Random Password Manager™ (ERPM) and Random Password Manager™ (RPM) products with native support for the Yubico token, YubiKey®. Lieberman Software provides products that actively discover and manage privileged identities used in government and commercial enterprises.
Until the recent RSA SecurID® token breach Lieberman Software products supported only The RSA SecurID product line for multifactor authentication. Following the RSA token breach, the company began seeking alternative multifactor solutions that are not subject to the RSA vulnerabilities.
New Reconfigurable Tokens
Lieberman Software chose to partner with Yubico because its tokens can be re-seeded at will by authorized IT administrators. User-controlled re-seeding eliminates the reliance on token vendors to reissue compromised tokens. This capability means that customers control the critical part of their security product supply chain by programming their own tokens with secrets that are only known the customer and not the vendor of the token; this eliminates the core vulnerability that came to light with the recent RSA SecurID compromise.