+1-800-492-3951 or +322.214.171.124.20 (GMT+1)
Bolster your defense against the insider threat
The seriousness of insider threats, intentional or not
Identify & mitigate the risk from authenticated users
Securing network access for all authenticated users
Moving from access logging to continuous monitoring and immediate response
Disseminate good user behaviour to protect against insider threats
Reduce the risk of security breaches from the insider threat
Control system access, identify employees on the network, respond to suspicious activity & protect patient data with IS Decisions solutions. Read more
Strong access control measures, enforced unique user ID and enhanced access monitoring to the network and cardholder data with our solutions. Read more
Userlock and FileAudit can both help you address the requirements of SOX by allowing you to control and monitor system access and identity. Read more
UserLock and FileAudit protect the network, and sensitive information within, against unwanted access to help your business become ISO 27001 compliant. Read more
UserLock directly addresses two access control baselines of NIST 800-53, AC-9 Previous Logon (Access) Notification and AC-10 Concurrent Session Control. Read more
This guide looks at some of the key areas for HIPAA compliance and the NHS Security policies with relation to internal safeguards.
Check if you're compliant
Research and guidance on access security for PCI, SOX, GLBA and FCA regulations that safeguard sensitive financial and customer data.
Research and guidance on user security and information access compliance for FISMA, ISO 27001, DPA and Lexcel regulations.
Rather than blaming users for being human, start better protecting users’ authenticated access.
If you are implementing an insider threat program, here’s a 12 step guide to help ensure that it’s set for the future of internal security.
An alternative to complex, costly and disruptive multi-factor authentication
A report on the frustrations that IT managers face with multi-factor authentication and how to improve access security without impeding end users or disrupting existing infrastructure.
User Security in 2015: The future of addressing insider threat
2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organization according to our new research.
Insider Threat Security Manifesto: Beating the threat from within
What can you do to mitigate the risk of insider threats from both a technological and cultural standpoint?
A Study of Insider Threat Personas
Who are the most potentially dangerous users in your organization and what you can do to alter behavior and mitigate risk?
Insider Threat Peer Report
A rare insight into the views of security experts from a variety of industries on internal security
ISO 27001/2 Compliance - Information access and user security
Learn about the requirements of ISO 27001 and ISO 27002 compliance with regards to user security and information access and where organizations could be doing better today.
Do your actions risk your employer's security? Prove it!
Play The Weakest Link - A User Security Game.
Free to play for any employee in any position, from any department.Help engage your users and reinforce their user security awareness.
UserLock limits concurrent logins, restricts access, monitors, alerts and reports on session activity throughout the corporate Windows network.
FileAudit monitors, archives and reports on access (or access attempts) to sensitive files and folders stored on Microsoft Windows systems.
RemoteExec remotely installs applications, executes programs, scripts and updates files and folders on Windows systems throughout the network.
WinReporter retrieves detailed information about hardware, software and security settings from Windows systems and automatically generates reports.
According to a report recently issued by Cisco Systems, 7 out of 10 young employees frequently ignore IT policies and two-thirds said they believe their company's policies need to be modified. About 61 percent said corporate IT security isn't their responsibility, believing it is that of their employer or the maker of their devices.
Of those who were aware of IT security policies, 70% of employees worldwide admitted to breaking policy with varying regularity. Among the different reasons, the most common was the belief that employees were not doing anything wrong (33%). One in five (22%) cited the need to access unauthorized programs and applications to get their job done, while 19% admitted the policies are not enforced. Some (18%) said they do not have time to think about policies when they are working, and others either said adhering to the policies is not convenient (16%), they forget to do so (15%), or their bosses aren't watching them (14%). The attitude of younger workers to technology clearly represents a new and growing threat to corporate IT security.
Beyond IT security awareness and training programs, organizations must find ways to efficiently enforce their computer security policies.
UserLock has a role to play here, as this software solution gives CSOs and Network Administrators the means to secure access to their Windows network and to quickly react in case of inappropriate behavior.
Using UserLock makes it possible to:
Users can for example be advised that system usage is monitored, recorded, subject to audit, and that unauthorized use is prohibited and subject to criminal and civil penalties. This is an efficient reminder for thoughtless employees, young or not.
UserLock allows setting and enforcing access restrictions in a granular way. An example of multi-criteria restriction could be: prevent a given user (or group, or Organizational Unit) from logging to the network:
The login system is the first line of defense of a Windows network. Restricting user access reduces the attack surface of the network and keeps rogue or careless users at bay.
UserLock allows real time session surveillance and monitoring; at all times a System Administrator knows who is connected, from what workstation(s), since when, etc. Popup or email alerts can also be sent to the network administrators for specific events such as denied logins, successful logins and logoffs.
In case of suspicious behavior, System Administrators can instantly take action to tackle insider threats.
Limiting or preventing concurrent logins decreases the ability of users to share their credentials, as it would impact their own ability to access to the network.
It also makes it impossible for a rogue user to seamlessly use valid credentials at the same time as their legitimate owner, access that user’s data and applications, send Emails in his name, etc.
Simultaneous logins limitation or prevention avoids serious accountability and non-repudiation issues.
Check UserLock detailed features
Download a free trial
Share this page:
(Free number for US & Canada)
Copyright © - IS Decisions | All Rights Reserved.