Password management for dummies

Windows Networking Strategies This newsletter is sponsored by Arsenal Digital Solutions Data Protection: Preferred Strategies used by SMBs Data has become the most valuable resource that many companies own. Organizations of all sizes are actively searching for reliable, affordable solutions for data protection to help them with business continuity, disaster recovery, and compliance. The problem is especially acute for small and mid-sized businesses (SMBs), which typically lack the resources to add new technologies or manage the growing infrastructure required to deal with the problem. Click here to listen to this webcast which reveals the latest findings and trends! Network World's Windows Networking Strategies Newsletter, 06/20/07 Password management for dummies By Dave Kearns One of the neglected security holes in a Windows network is the local administrator password for your users’ desktop machines. Many organizations synchronize these, so that the same password can be used for each. This makes it much more efficient for IT personnel to maintain and modify those machines. Of course, it also means that everybody knows the password – someone will eventually tell a user what it is, or let a user watch them type it in. In any event, it really is a “shared secret,” shared by most of the organization, and probably a few outside of it. Even periodic changing of the password only protects the systems for a short time until the secret is out once again. Alternatively, you could establish separate, distinct passwords for each machine and empower the user to change it periodically. Or send around members of your staff to make the changes. But what happens when you need to maintain that machine, and the person who last changed the password isn’t available? Maybe you could create a spreadsheet of all the passwords … Lieberman Software thinks it has a better way. Random Password Manager (RPM) addresses what the company calls the “common accounts credentials” dilemma. The accounts it refers to are those, like the local administrator account, that are on multiple systems within your network. Securing Data in Any Format, Wherever It Goes InfoWorld's Enterprise Data Protection Executive Forum, June 26 in New York City, is the premiere event for IT professionals looking to streamline their data protection strategy. Best practices, tactical guidance, reviews of new security requirements, and success stories from the experts are all designed to help you secure your data in any format, wherever it goes.. Register today at http://www.EDPExecutiveForum.com RPM works by periodically randomizing the local administrator passwords throughout the enterprise. All of your systems maintain unique account credentials, preventing one compromised password from threatening the security of your entire network. RPM also allows remote recovery of passwords on demand, so your delegated users can safely retrieve the temporary administrative credentials required to accomplish routine systems management operations. Randomization is managed from a central console based on schedules you establish. Users can quickly access a unique password for their systems through a delegated Web interface and, once they have completed their administrative tasks - such as installing applications or device drivers - the password is checked in and automatically spun to create a new, unique account. That’s a real boon for remote or after-hour workers who do not have immediate access to the help desk. Of course it also reduces the expenses and demands of 24/7 remote systems administration. RPM uses Microsoft SQL Server and/or Microsoft SQL Server Desktop Engine. The standalone package retails for approximately $29 per managed system. Discounts are available. $29 per system, what’s protecting your assets worth?   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. 'Italian job' Web attack hits 10K sites 2. The case of the 500-mile e-mail 3. Pressure's on IBM to forgive millions in IT debt 4. Linux Foundation: Microsoft won't sue 5. The dos and don’ts of data breaches 6. Feds choose 10 vendors to secure mobile data 7. Zenoss Core wins test of open source tools 8. Top 15 USB geek gadgets 9. 10 reasons why it’s good and bad to be HP 10. Juniper feels growing pains MOST-READ REVIEW: Open source management-tool alternatives hit the mark

Contact the author: Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill. Kearns is the author of two Network World Newsletters: Windows Networking Strategies, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: windows@vquill.com, identity@vquill.com . Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail. This newsletter is sponsored by Arsenal Digital Solutions Data Protection: Preferred Strategies used by SMBs Data has become the most valuable resource that many companies own. Organizations of all sizes are actively searching for reliable, affordable solutions for data protection to help them with business continuity, disaster recovery, and compliance. The problem is especially acute for small and mid-sized businesses (SMBs), which typically lack the resources to add new technologies or manage the growing infrastructure required to deal with the problem. Click here to listen to this webcast which reveals the latest findings and trends! ARCHIVE Archive of the Windows Networking Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007