Safeguard access to and usage of data for DFARS Compliance
- Aerospace manufacturer
- Aerospace
- United States
)
This manufacturer often works with the U.S. federal government. To continue being awarded contracts, the organization needed to meet DFARS compliance standards. DFARS requires any government contractor to put in place cybersecurity safeguards on what the U.S. government calls "controlled unclassified information." Any company doing business with the U.S. federal government must prove that they are providing security protection for any data being stored, transmitted, or processed on their behalf.
"FileAudit is a great software. It is easy to use, easy to install and very straightforward. It satisfies completely the requirements of the DFARS compliance and saves us (the IT team) a lot of time."
IT Manager
The Challenge
Government contractors must comply with two main cornerstones to DFARS compliance: demonstrating “adequate security” and cyber incident reporting.
As defined by the DFARS, adequate security includes “protective measures that are commensurate with the consequences and probability of loss, misuse, or unauthorized access to, or modification of information.”
For this reason, the contractor needed a file auditing and reporting solution that would allow them to show they had put in place proper access controls and reporting tools to protect government data against unauthorized access.
Previously, IT was gathering and analyzing data from Windows Security Event logs. This proved a nightmare for the IT Manager.
"Working with native Windows logs is just not possible. It takes far too much time to get half of what is needed."
IT Manager
The IT manager was assigned the task to find a third-party software that would provide real-time data and meet the necessary requirements. They needed to have constant visibility into what data is being accessed, by whom, when, from where, etc. This real-time information is absolutely necessary to remain vigilant against inappropriate access.
After his own online research, the company decided to try IS Decision’s FileAudit. They found the software very easy to set up and use, and immediately saw the time saving value that it could provide to a busy IT team.
"FileAudit was up and running in less than an hour. It is very easy to install and configure. I found the online tutorials and documentation to be very helpful."
IT Manager
FileAudit’s comprehensive auditing mixed with the ability to alert IT teams of the presence of suspicious file access activity, helped focus the proper attention on what could equate to a data breach. Especially important were FileAudit’s mass access alerts. They allowed the company to be alerted on the most common ‘potential red flags’ - the presence of mass copying or bulk deletion or movement of data.
In the first few months of using the software, the IT manager was able to see the value of the mass access alert feature when it was triggered due to abnormal accesses on the server. Several documents were being accessed at once, using a large amount of bandwidth, and thanks to FileAudit he was able to pinpoint immediately the machine generating those accesses.
Having FileAudit in place has helped the company reach requirements needed for the DFARS compliance. FileAudit provides actionable information about all access made to folders, files and file shares. It allows them to show proper access controls and reporting tools were in place in order to protect government data against unauthorized access.
The alerts indicate the user name, source (machine name and IP address), the date and time of the violation as well as the alert parameters, making it easy to further investigate within FileAudit the full access history.
If there are any security issues within an organization, FileAudit can run reports to see who’s accessed a file or folder and management can quickly address it with that individual.
"FileAudit is a great software. It is easy to use, easy to install and very straightforward. It satisfies completely the requirements of the DFARS compliance and saves us (the IT team) a lot of time. The Access Reporting is absolutely great. I’m able to see who’s doing what in real time. The mass alerts allow us to be informed as soon as something inappropriate happens."
IT Manager
To learn more about how file auditing helps meet compliance objectives, read the whitepaper The Role of File Auditing in Compliance.