Recent IS Decisions research among 1500 healthcare, finance, and legal sector workers in both the US and the UK highlighted the current status of how organizations are securing their networks and sensitive information within. The results shed light on how much more needs to be done to mitigate the risk of both security and compliance issues.
Providing unique user logins
The first worrying aspect here included the fact that a third of employees don’t have a unique login. Being able to identify and restrict users down to the individual level is the foundation of any good security approach. If you don’t provide unique logins for users, you can’t restrict their access or identify them! If a breach does occur, you cannot detect how it occurred without being able to identify individuals and their network access activity.
Contextual access controls
Strong security should not come at the expense of employee productivity. Today’s digital workforce require fast access to be effective and thus demand less friction, reducing the value of preventative restrictions that impede users such as tokens. The more you can restrict the less open the network is to a breach from compromised network logins. This is why contextual elements such as restricting concurrent logins, or limiting access to locations and times, are all about reducing the vulnerable surface area without eroding employee agility. From the research only a minority of organizations have taken these extra steps.
Monitoring network and file access
The research showed a lot of work must still to be done on monitoring. It is possible that more organizations are actually monitoring without employee knowledge, but transparency in this regard will encourage good behavior. Monitoring and logging file and network access on a granular level helps an organization to detect and immediately react to any issues before they become a serious problem. In addition to communicating the fact that you’re monitoring your employees, you’ll dissuade leakages and theft from malicious employees, who will know that their actions will come back to haunt them.
How IS Decisions can help address access security with UserLock and FileAudit
Unauthorized access to networks and sensitive information is a critical problem for most organizations and security in a Microsoft Windows Active Directory-based infrastructure relies heavily on a user’s login. UserLock is designed to control and monitor all authenticated users access to the network. It leverages and extends organizations existing Active Directory investment to better protect Windows user logins and reduce the risk from security and compliance issues.
For security administrators, it can be a daunting task trying to identify suspicious activity and data access when the adversary has valid, authorized credentials. It then becomes critical to monitor all access to sensitive data. Not only unauthorized, but authorized as well. Attackers are after data, and for that, they must access it before they can extract it. Visibility is key here, and the operating system’s native tools are inefficient and don’t scale well. Here, FileAudit can help tremendously. FileAudit is a software platform that greatly simplifies file and folder access auditing on Windows server. It is agentless and leverages existing Windows platform technologies to create a real-time monitoring and alerting solution for sensitive data.
Find out more for yourself with the fully functional trials: