+1-800-492-3951 or +318.104.22.168.20 (GMT+1)
Bolster your defense against the insider threat
The seriousness of insider threats, intentional or not
Identify & mitigate the risk from authenticated users
Securing network access for all authenticated users
Moving from access logging to continuous monitoring and immediate response
Disseminate good user behaviour to protect against insider threats
Reduce the risk of security breaches from the insider threat
Control system access, identify employees on the network, respond to suspicious activity & protect patient data with IS Decisions solutions. Read more
Strong access control measures, enforced unique user ID and enhanced access monitoring to the network and cardholder data with our solutions. Read more
Userlock and FileAudit can both help you address the requirements of SOX by allowing you to control and monitor system access and identity. Read more
UserLock and FileAudit protect the network, and sensitive information within, against unwanted access to help your business become ISO 27001 compliant. Read more
UserLock directly addresses two access control baselines of NIST 800-53, AC-9 Previous Logon (Access) Notification and AC-10 Concurrent Session Control. Read more
This guide looks at some of the key areas for HIPAA compliance and the NHS Security policies with relation to internal safeguards.
Check if you're compliant
Research and guidance on access security for PCI, SOX, GLBA and FCA regulations that safeguard sensitive financial and customer data.
Research and guidance on user security and information access compliance for FISMA, ISO 27001, DPA and Lexcel regulations.
If you are implementing an insider threat program, here’s a 12 step guide to help ensure that it’s set for the future of internal security.
An alternative to complex, costly and disruptive multi-factor authentication
A report on the frustrations that IT managers face with multi-factor authentication and how to improve access security without impeding end users or disrupting existing infrastructure.
User Security in 2015: The future of addressing insider threat
2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organization according to our new research.
Insider Threat Security Manifesto: Beating the threat from within
What can you do to mitigate the risk of insider threats from both a technological and cultural standpoint?
From Brutus to Snowden: A study of Insider Threat Personas
Who are the most potentially dangerous users in your organization and what you can do to alter behavior and mitigate risk?
Insider Threat Peer Report
A rare insight into the views of security experts from a variety of industries on internal security
Do your actions risk your employer's security? Prove it!
Play The Weakest Link - A User Security Game.
Free to play for any employee in any position, from any department.Help engage your users and reinforce their user security awareness.
UserLock limits concurrent logins, restricts access, monitors, alerts and reports on session activity throughout the corporate Windows network.
FileAudit monitors, archives and reports on access (or access attempts) to sensitive files and folders stored on Microsoft Windows systems.
RemoteExec remotely installs applications, executes programs, scripts and updates files and folders on Windows systems throughout the network.
WinReporter retrieves detailed information about hardware, software and security settings from Windows systems and automatically generates reports.
UserLock allows organizations to prevent or limit concurrent logins to a Microsoft Windows Server based Network, per user or user group and per session type (workstation, terminal, interactive, VPN/RAS or IIS). Limitations can be set in a granular way and can vary from one user to another or one group to another.
With UserLock you will be able to define and enforce the maximum number of:
where a user can be logged on
that a user can open
(of all kinds) that a user can open
You can for example set a custom limit to prevent the number of workstation sessions plus the number of Wi-fi & VPN sessions to being greater than one.
Administrators can also choose to either:
If the total number of allowed sessions has been reached, users can remotely close a previous session from the new login attempt. This forces an immediate logoff on the previous session but can mean unsaved documents are lost.
Distinguish between active and locked sessions. Here a user can open as many interactive sessions as they want but only one can be active at a time. With direct access to previous sessions protected through automatic locking, an administrator can increase the number of permitted user sessions whilst limiting or even preventing the number of concurrent logins allowed.
There is no way in Windows native functionality to limit a given user account from logging on at one computer or device at a time.
The reason stems from the architecture of Windows; there is no entity keeping track of all the places where a user is logged on as each workstation or device handles that individually. Workstations talk to the domain controller but the domain controller is only involved in the initial authentication.
Read more here
Solutions based on windows login scripts present serious drawbacks and limitations to suit IT infrastructure’s security requirements. Allowing login script solutions to secure and control simultaneous sessions is a major threat to your network security.
Preventing or limiting simultaneous logins is required for an Information System to comply with major regulatory constraints, including for example:
There are very few legitimate reasons for a user to be connected to a network from several different workstations.
Uncontrolled concurrent logins to a Windows network remains a serious security flaw and significantly increases network vulnerability.
You should have the ability to determine in a very granular way what are the legitimate needs of simultaneous logins for each (group of) user(s) within your organization and efficiently enforce that decision.
Preventing or limiting concurrent logins:
(Free number for US & Canada)
Copyright © - IS Decisions | All Rights Reserved.