Search This Blog

Wednesday, June 20, 2007

Password management for dummies

Network World

Windows Networking Strategies




Network World's Windows Networking Strategies Newsletter, 06/20/07

Password management for dummies

By Dave Kearns

One of the neglected security holes in a Windows network is the local administrator password for your users’ desktop machines. Many organizations synchronize these, so that the same password can be used for each. This makes it much more efficient for IT personnel to maintain and modify those machines. Of course, it also means that everybody knows the password – someone will eventually tell a user what it is, or let a user watch them type it in. In any event, it really is a “shared secret,” shared by most of the organization, and probably a few outside of it. Even periodic changing of the password only protects the systems for a short time until the secret is out once again.

Alternatively, you could establish separate, distinct passwords for each machine and empower the user to change it periodically. Or send around members of your staff to make the changes. But what happens when you need to maintain that machine, and the person who last changed the password isn’t available? Maybe you could create a spreadsheet of all the passwords …

Lieberman Software thinks it has a better way. Random Password Manager (RPM) addresses what the company calls the “common accounts credentials” dilemma. The accounts it refers to are those, like the local administrator account, that are on multiple systems within your network.

Securing Data in Any Format, Wherever It Goes

InfoWorld's Enterprise Data Protection Executive Forum, June 26 in New York City, is the premiere event for IT professionals looking to streamline their data protection strategy. Best practices, tactical guidance, reviews of new security requirements, and success stories from the experts are all designed to help you secure your data in any format, wherever it goes.. Register today at http://www.EDPExecutiveForum.com

RPM works by periodically randomizing the local administrator passwords throughout the enterprise. All of your systems maintain unique account credentials, preventing one compromised password from threatening the security of your entire network. RPM also allows remote recovery of passwords on demand, so your delegated users can safely retrieve the temporary administrative credentials required to accomplish routine systems management operations.

Randomization is managed from a central console based on schedules you establish. Users can quickly access a unique password for their systems through a delegated Web interface and, once they have completed their administrative tasks - such as installing applications or device drivers - the password is checked in and automatically spun to create a new, unique account. That’s a real boon for remote or after-hour workers who do not have immediate access to the help desk. Of course it also reduces the expenses and demands of 24/7 remote systems administration.

RPM uses Microsoft SQL Server and/or Microsoft SQL Server Desktop Engine. The standalone package retails for approximately $29 per managed system. Discounts are available. $29 per system, what’s protecting your assets worth?


  What do you think?
Post a comment on this newsletter

TODAY'S MOST-READ STORIES:

1. 'Italian job' Web attack hits 10K sites
2. The case of the 500-mile e-mail
3. Pressure's on IBM to forgive millions in IT debt
4. Linux Foundation: Microsoft won't sue
5. The dos and don’ts of data breaches
6. Feds choose 10 vendors to secure mobile data
7. Zenoss Core wins test of open source tools
8. Top 15 USB geek gadgets
9. 10 reasons why it’s good and bad to be HP
10. Juniper feels growing pains

MOST-READ REVIEW:
Open source management-tool alternatives hit the mark


Contact the author:

Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill.

Kearns is the author of two Network World Newsletters: Windows Networking Strategies, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: windows@vquill.com, identity@vquill.com .

Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail.



ARCHIVE

Archive of the Windows Networking Strategies Newsletter.


BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

No comments: