+1-800-492-3951 or +3184.108.40.206.20 (GMT+1)
Bolster your defense against the insider threat
The seriousness of insider threats, intentional or not
Identify & mitigate the risk from authenticated users
Securing network access for all authenticated users
Moving from access logging to continuous monitoring and immediate response
Disseminate good user behaviour to protect against insider threats
Reduce the risk of security breaches from the insider threat
Control system access, identify employees on the network, respond to suspicious activity & protect patient data with IS Decisions solutions. Read more
Strong access control measures, enforced unique user ID and enhanced access monitoring to the network and cardholder data with our solutions. Read more
Userlock and FileAudit can both help you address the requirements of SOX by allowing you to control and monitor system access and identity. Read more
UserLock and FileAudit protect the network, and sensitive information within, against unwanted access to help your business become ISO 27001 compliant. Read more
UserLock directly addresses two access control baselines of NIST 800-53, AC-9 Previous Logon (Access) Notification and AC-10 Concurrent Session Control. Read more
This guide looks at some of the key areas for HIPAA compliance and the NHS Security policies with relation to internal safeguards.
Check if you're compliant
Research and guidance on access security for PCI, SOX, GLBA and FCA regulations that safeguard sensitive financial and customer data.
Research and guidance on user security and information access compliance for FISMA, ISO 27001, DPA and Lexcel regulations.
Rather than blaming users for being human, start better protecting users’ authenticated access.
If you are implementing an insider threat program, here’s a 12 step guide to help ensure that it’s set for the future of internal security.
An alternative to complex, costly and disruptive multi-factor authentication
A report on the frustrations that IT managers face with multi-factor authentication and how to improve access security without impeding end users or disrupting existing infrastructure.
User Security in 2015: The future of addressing insider threat
2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organization according to our new research.
Insider Threat Security Manifesto: Beating the threat from within
What can you do to mitigate the risk of insider threats from both a technological and cultural standpoint?
A Study of Insider Threat Personas
Who are the most potentially dangerous users in your organization and what you can do to alter behavior and mitigate risk?
Insider Threat Peer Report
A rare insight into the views of security experts from a variety of industries on internal security
ISO 27001/2 Compliance - Information access and user security
Learn about the requirements of ISO 27001 and ISO 27002 compliance with regards to user security and information access and where organizations could be doing better today.
Do your actions risk your employer's security? Prove it!
Play The Weakest Link - A User Security Game.
Free to play for any employee in any position, from any department.Help engage your users and reinforce their user security awareness.
UserLock limits concurrent logins, restricts access, monitors, alerts and reports on session activity throughout the corporate Windows network.
FileAudit monitors, archives and reports on access (or access attempts) to sensitive files and folders stored on Microsoft Windows systems.
RemoteExec remotely installs applications, executes programs, scripts and updates files and folders on Windows systems throughout the network.
WinReporter retrieves detailed information about hardware, software and security settings from Windows systems and automatically generates reports.
Different properties and option settings are available on the UserLock server to help manage user access within an organization. This is important when setting a customized access policy that reflects the needs for different groups and individuals that work within the organization.
The Server properties are accessed by right-clicking on the server name from the menu.
The first option concerns the policy behaviour in case two different rules are applied to a same user. Switch it to the most or the least restrictive according to your needs. Remember that whatever policy is selected, a User Protected account always overrides a Group or Organizational Unit (OU) Protected accounts rules.
The Sessions setting is defined to adjust in real time the rules in the event of any network failure, when all UserLock servers are unavailable. Checking this box enables a security process to force in real time the UserLock rules after a period during which they were disabled. A logoff notification will be displayed to users over one minute before closing the session.
The Localization part allows you to tag machines with a building and room label.
‘Mask field’ is ideal if a naming convention is applied for your systems. Just enter your organization mask. When the mask is specified you will see the building name and the room number for all concerned computers in the ‘Agent distribution view’ or in ‘User session view’ (with view by machine enabled).
If you don’t use any naming convention for your machines, you can import a CSV file which contains the localization of your machines.
Two Time Quota options must also be managed within the UserLock server properties.
If the first option is checked, the time that is not consumed when the quota period ends is automatically added to the authorized time of the next period.
The ‘Logoff notification timeout’ range determines the number of minutes during which the notification will be displayed to users when a quota is reached. Be advised that the logoff will be initiated after the number of minutes set here, except if users choose to launch it themselves.
The E-mail settings section allows you to define the SMTP server to use for the Protected Accounts notification.
The E-mail address used as sender must be valid. Please test your configuration before applying it.
The next section concerns the UserLock License. You will find your current serial and your maintenance status.
To register the license, copy and paste the licenses serial that is sent to you.
The logs section contains the Database settings for UserLock. If the top box is checked, every session event will be saved into the UserLock Database to conserve a history and to report on it.
The default database is a free MS Access file provided with the UserLock installation package.
You can set a SQL Server database from here by switching to ‘Other Database’ and launching the database connection Wizard.
Choose your SQL Server and an empty database you previously created. For a new empty database, don’t forget to create the tables the first time.
The last section ‘Security’ allows you to define which user accounts will be able to manage UserLock and what they will be allowed to do.
For example if you want to configure the access for your help desk team and allow it to reset/logoff user sessions, add the corresponding group and select Allow for User sessions. All other features in the both Windows and Web console will be disabled for this group.
(Free number for US & Canada)
Copyright © - IS Decisions | All Rights Reserved.