- Company Achieves Significant Growth in New Products, Partnerships and Customers
- IT Governance Institute Survey has revealed Outsourcing, Social Media and GEIT Trends
- Idappcom says that a constant patch and review process is essential to defend a company’s IT resources more effectively
Lieberman Software Corporation, the Pioneers of Privileged Identity Management last week announced that the company set record sales in 2010, with year-over-year revenues increasing nearly 40 percent and new business sales rising 62%. Accelerated growth was fueled by the company’s flagship product Enterprise Random Password Manager (ERPM), as more organisations addressed enterprise level security vulnerabilities that impact corporate governance and regulatory compliance.
“We achieved significant market share improvements by delivering solutions that require little or no professional services, and can be fully deployed and ready for an enterprise audit within days of delivery,” said Jess Richter, director of sales, Lieberman Software. “The ability to immediately deliver comprehensive proof of controls and continuous compliance in large and highly regulated enterprises is a key to our success. It is also crucial to customers who demand rapid and permanent mitigation of risks without the need to spend months or years trying to solve their privileged identity management challenges.”
Lieberman Software’s record growth was fueled by a number of factors in 2010 including:
- Customer Satisfaction: Lieberman Software’s 2010 growth came from dramatic increases in sales to large enterprises worldwide and repeat purchases by its established customer base. As a result of successful, cost-effective deployments numerous customers in North America and Europe expanded department installations to cover their entire enterprises.
- Superior Features: Large organisations have established ERPM as the solution of choice for wide-scale deployments because of its highly scalable architecture and its automated True Discovery™ capabilities that relieve IT staff from the constant intervention and oversight required of competing solutions.
- ·Market Awareness: Customer understanding of privileged identity management requirements make ERPM a compelling choice for its broad interoperability and easy installation that can be rapidly implemented by end-users. This is in contract to other products in the market that are appliance-based, proprietary and rely heavily on professional services to deploy, upgrade and integrate.
- Product Innovation: The company released significant product upgrades in 2010, including new cloud security capabilities, out-of-the box integration with leading SIEM, helpdesk and incident recording solutions; and expanded wizard-driven support for the largest number of hardware and software infrastructure platforms of any supplier in the marketplace – all available at no added cost to existing customers. New or expanded partnerships for 2010 were announced with industry leaders such as ArcSight, BMC Software, Dell, Hewlett-Packard, Microsoft, Novell, ObserveIT, Oracle, Raytheon, RSA, Sybase and Thales.
- Channel Partnerships: As the result of Lieberman Software’s expanded reseller partner support, channel partners’ share of sales more than doubled for 2010, triggered by an explosive 728% growth in new business sales through the channel. Additionally, the company announced key new channel partnerships in the US, Europe, the Middle East and Asia Pacific.
According to President and CEO Philip Lieberman, “Customers prefer Lieberman Software solutions because our products quickly and permanently solve complex corporate security problems with a minimum of IT staff overhead. Because we have been delivering the top products in this space for more than 12 years, virtually every scenario that customers can envision for network-wide privileged identity security has already been solved, out of the box with just a few mouse clicks.”
The company expects to continue increasing its market share in 2011 as IT auditors find more issues with organisations that use ad-hoc and proprietary solutions that cannot effectively control privileged account security and may fail to keep pace with the demands of complex, frequently changing cloud and enterprise networks.
“With our solutions, auditors can return to our clients’ sites and immediately verify that controls are in place and functioning – even after systems, accounts and applications have been added or changed – with little to no manual work required to keep the environment well managed and secure,” Lieberman said.
- Meanwhile, IT Governance Institute Survey has revealed Outsourcing, Social Media and GEIT Trends
Forty percent of C-level executives have stated that they are not planning to adopt cloud computing, according to the fourth Global Status Report on the Governance of Enterprise IT (GEIT, conducted by the nonprofit, IT Governance Institute (ITGI), ISACA’s research affiliate. Respondents who do not plan to use cloud computing at all in the near future list security (47%) and privacy concerns (50%), followed closely by legacy infrastructure investments (35%), as barriers to adoption. The 2011 study polled 834 executives from 21 countries, divided almost evenly between business executives (CEOs, CFOs and COOs) and IT executives (CIOs and heads of IT). Of the executives who use or plan to use cloud computing for IT services 60 percent was non-mission critical and 40 percent would also trust the cloud for mission-critical IT services. Organizations are also actively employing outsourcing, with 93 percent fully or partially outsourcing some of their IT activities.
“Emerging technologies such as cloud computing and outsourcing can be managed effectively by integrating good governance over IT. Organizations need to adopt new service delivery models to stay competitive, and this is fueling a strong commitment to enterprise IT governance across the C-suite,” said Ken Vander Wal international vice president. “Assessing the value of current investments, building consensus among stakeholders and mitigating risk with third-party providers all require a comprehensive governance framework for organizations to be sure they are doing the right things and doing things right.”
The ITGI study and three past editions are available as free downloads from www.isaca.org/ITGI-Global-Survey-Results. The study analyzes the degree to which the concept of GEIT is accepted by the C-suite and determines GEIT maturity levels, recognized frameworks, required/preferred certifications, and impact of current special-interest, GEIT-related topics.
Of the C-level executives surveyed, 95 percent consider governance of enterprise IT important. This reveals an almost universally shared perception of IT as a critical contributor to overall business strategy, no matter where the organization is on the path of GEIT maturity.
Key findings include:
- ·Value creation of IT investments is one of the most important dimensions of IT’s contribution to the business (mentioned by more than nine out of 10 respondents). But challenges exist: increasing IT costs and an insufficient number of IT staff are the most common IT-related issues experienced by respondents in the past 12 months.
- ·There is a correlation between the position of the head of IT in the enterprise’s hierarchy and the pro-active nature of the IT department. Overall, 70 percent of respondents noted that the head of IT is a member of the senior management team, but this figure increases to 80 percent for those enterprises where IT has a proactive role.
- ·Governance of enterprise IT (GEIT) is a priority with most enterprises—only five percent indicated that they do not consider it important. Two-thirds of respondent enterprises have some GEIT activities in place, the most common being the use of IT policies and standards, followed by the employment of defined and managed IT processes. The main driver for activities related to GEIT is ensuring that IT functionality aligns with business needs, and the most commonly experienced outcomes are improvements in management of IT-related risk and communication and relationships between business and IT.
- ·Outsourcing is highly prevalent across the board, but especially in larger enterprises and those where IT is considered important or very important to the delivery of the business strategy or vision.
- ·Sixty percent of respondents use or are planning to use cloud computing for non-mission-critical IT services, and more than 40 percent use or are planning to use it for mission-critical IT services. For companies that do not have plans to use cloud computing the main reasons are data privacy and security concerns.
- ·The global economic downturn has had an effect on IT activities, the primary response initiatives being: (1) a reduction in contractor staff, (2) a reduction in permanent staff and (3) a consolidation of the infrastructure.
- ·The use of Facebook or Twitter at work is not highly prized; only one out of five respondents believes that the benefits of employees using social networking outweigh the risks.
“The overwhelming consensus about the importance of IT governance is encouraging. As 2011 IT initiatives get underway against an economic backdrop that continues to be volatile, the ability to balance and manage value creation, risk management and optimization of resources will be critical,” said Roger Southgate, Past President ISACA London and Independent Governance and Risk Consultant.
This year’s study shows that top tactics used to battle the economic downturn were a reduction in contractor and permanent staff numbers and infrastructure consolidation. According to the Global Status Report on GEIT, GEIT processes can ensure that this focus is balanced with a view on investments that can generate cost savings and ultimately become self-funding.
Successfully implementing GEIT depends on effective change management, communication, scoping and identification of achievable objectives. The outcomes encompass shorter-term benefits such as reduced cost and longer-term benefits such as enhanced management of IT-related risk, improved relationships between business and IT, and increased business competitiveness. The top outcomes cited in this year’s study are improved management of IT-related risk (mentioned by 42 percent of respondents) and better communication and relationships between business and IT.
- Idappcom says that a constant patch and review process is essential to defend a company’s IT resources more effectively
And commenting on the latest annual Secunia security vulnerability report, Idappcom says that blaming third-party apps for security problems on PCs is the incorrect way of approaching the perennial problem of the way software applications interact with each other.
According to Anthony Haywood, CTO with the data traffic analysis and security specialist, the problem of inter-application security issues has been around ever since the Windows API was first seen way back in 1985.
"A lot has changed in the last 26 years, not least the number of function calls which the WinAPI now supports, having increased massively since the original 450 seen in Windows 1.0," he said.
"Against this backdrop, it's interesting to see our colleagues at Secunia reporting that vulnerabilities in third-party products are the weakest link in software installations. More than anything, this confirms something our researchers have noted for some time, namely that software patches and updates need to be installed on a very timely basis, and allied to a highly effective range of IT security software at all times," he added.
Haywood went on to say that the report, which also predicts that network vulnerabilities will continue to be a problem in the year ahead, does an excellent job in detailing the issues that a good IT security manager and his/her team needs to address.
It all comes down to due diligence and risk analysis, a series of processes that needs to be updated and reviewed on a continual basis, rather than treating it as an annual `tick and check' project to be carried out like a stocktaking exercise, he explained.
Having said that, the Idappcom CTO noted that the report's conclusions - which include the fact that there often is a delay between flaws being exploited and the IT team in an organisation `getting around' to patching the flaw on a remediated basis - need to be addressed.
And it's for this reason that Haywood recommends that organisations look to automated patching software, which can now be sourced on a freeware basis for several operating systems.
"It's interesting to note that Secunia has developed its own auto-update application - PSI 2.0 - which is free of charge and is actually a reduced feature version of the pay-for edition," he said.
"The good news is that the message about the requirement for timely patches appears - at last - to be getting through to the software vendor community, especially Adobe, which now has an auto-update mechanism for Acrobat, Flash and Reader, developed apparently after lobbying from users," he added.
"When allied to a competent security advisory service like our own, IT security managers can rest easy in their beds, sure in the fact that their IT resources are as well defended as it is possible to be with the resources that are now available."