
The Common Credentials Dilemma

Even when administrators lock up their servers, apply patches, and use group policy to lock down server and workstation security, it can still take only a few minutes for a hacker to obtain the keys to the kingdom: administrator/root accounts and passwords. Anyone with initiative can gain unrestricted access to systems without leaving a trace. A privileged password management solution can generate unique credentials for each account and can be used to store them in an encrypted database.
IT teams are responsible for maintaining a vast infrastructure of servers, workstations, mobile systems, databases, firewalls, and network devices. Each one of these assets is controlled with privileged passwords that allow full access to these components. Typically, these networks have thousands of such privileged accounts, so IT groups often deploy every system with an identical password and then leave this password unchanged throughout the enterprise.
The fundamental flaw with this practice lies in the serious security implications and regulatory compliance violations that follow if the local password on even one system is compromised. Without frequently and automatically generated unique passwords for every privileged account, a user can decrypt one password and gain unrestricted access to every place in the network that uses the same credentials. Former staff familiar with the privileged passwords at their previous organizations, as well as current employees with similar access, pose a particular threat.
To resolve the problem, every privileged account in the organization must be automatically discovered and updated at regular intervals.
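An added example, not taken from the article or from any Lieberman Software product: a short Python audit that flags privileged accounts sharing one password across systems, flags passwords left unchanged past an interval, and assigns every flagged account its own random replacement. The inventory records, the keyed-fingerprint scheme, the 30-day interval, and all names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets
import string
from collections import defaultdict
from datetime import date

MAX_AGE_DAYS = 30  # assumed interval; the article only says "regular intervals"
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_"

def fingerprint(key: bytes, password: str) -> str:
    """Keyed digest, so reuse can be compared without keeping plaintext."""
    return hmac.new(key, password.encode(), hashlib.sha256).hexdigest()

def audit(inventory, today):
    """Return (groups of accounts sharing a password, accounts overdue for change)."""
    by_fp = defaultdict(list)
    for rec in inventory:
        by_fp[rec["fp"]].append((rec["host"], rec["account"]))
    reused = [sorted(group) for group in by_fp.values() if len(group) > 1]
    stale = sorted(
        (r["host"], r["account"]) for r in inventory
        if (today - r["changed"]).days > MAX_AGE_DAYS
    )
    return reused, stale

def rotation_plan(inventory, today, length=24):
    """Give every reused or stale account its own freshly generated password."""
    reused, stale = audit(inventory, today)
    targets = {acct for group in reused for acct in group} | set(stale)
    return {t: "".join(secrets.choice(ALPHABET) for _ in range(length))
            for t in sorted(targets)}

# Constructed sample inventory (hypothetical hosts, key, and passwords).
KEY = b"constructed-demo-key"
SHARED = fingerprint(KEY, "Deploy2019!")
INVENTORY = [
    {"host": "web01", "account": "Administrator", "fp": SHARED, "changed": date(2019, 3, 1)},
    {"host": "web02", "account": "Administrator", "fp": SHARED, "changed": date(2019, 3, 1)},
    {"host": "db01", "account": "root", "fp": SHARED, "changed": date(2024, 5, 20)},
    {"host": "fw01", "account": "admin", "fp": fingerprint(KEY, "x9#unique"), "changed": date(2024, 5, 25)},
]
TODAY = date(2024, 6, 1)

if __name__ == "__main__":
    reused, stale = audit(INVENTORY, TODAY)
    print("shared credential groups:", reused)
    print("overdue for rotation:", stale)
    print("accounts to rotate:", list(rotation_plan(INVENTORY, TODAY)))
```

In this sample, db01 was changed recently yet is still flagged, because it shares its password with two other hosts: rotating on schedule does not help if the new value is the same everywhere.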
IT departments should implement solutions that enhance security, centrally manage and control dispersed systems, and improve IT productivity and availability, cost-effectively and with minimal disruption to the computing infrastructure. Here is a checklist of the capabilities that every IT manager should deploy:
- Automatically updating local and domain privileged account passwords.
- Determining which files, folders, and applications each employee can access.
- Enabling audited, self-service user password resets.
- Blocking unauthorized applications from executing on agency systems.
- Locating and disabling stale user accounts.
- Detecting and removing all rogue users and groups, and unauthorized shares.
- Ensuring compliance with NIST and other regulatory mandates.
Philip Lieberman, the founder and president of Lieberman Software, has 30 years of experience in the software industry. In addition to his proficiency as a software engineer, Lieberman is also an astute entrepreneur who is able to perceive shortcomings in existing products on the market, and fill those gaps with innovative solutions. He developed the first products for the privileged password management and shared account password management space, and continues to introduce new solutions to resolve the security threat of common local account credentials. Lieberman has published numerous books in the field of computer science, has taught at UCLA, and has been the author of many computer science courses for Learning Tree International. He has a B.A. from San Francisco State University (1981) in Physics with minors in Computer Science and Business.
Lieberman Software provides privileged identity management and security management solutions that help secure the cross-platform enterprise. By automating time intensive systems administration tasks, Lieberman Software increases control over the IT infrastructure, subsequently reducing security vulnerabilities, improving productivity, minimizing system failures, and ensuring compliance. Since 1994 Lieberman Software has been providing solutions which ensure that the largest corporate, education, and government enterprises remain managed, secure, and compliant. The company is a managed Microsoft Gold Certified Partner headquartered in Los Angeles, CA with a support office in Austin, TX.









