IS Decisions logo

Visibility on Active Directory user logon logoff activity prevents credential compromise

  • Angliss
  • Food Service
  • Hong Kong
Optimal visibility into all Active Directory user’s logon logoff activity

Angliss Hong Kong has over 70 years’ experience as a food business in the Hong Kong marketplace. They develop comprehensive programs, guidelines and procedures to cover all aspects of their food service business, such as supplier management, production, packaging and distribution. To better protect their proprietary information as well as their IT resources, Angliss were looking to guard against unauthorized and improper user access.

"After analyzing several other options, we found UserLock gave us the most accurate visibility on all user's logon and logoff activity. In addition, its ability to easily enforce logon restrictions allows us to not only detect and react to abnormal logon activity but prevent the inappropriate use of credentials. "

Wilde Ho - IT Manager

The Challenge

More easily monitor the network to detect credential compromise and get alerts on suspicious access

When it comes to tracking when, where, how and whether a user account can logon, native Active Directory was failing the IT team at Angliss. There was no easy way to see if a user’s credentials were compromised or to get alerts for any abnormal activity.

The Solution

Access to the network has multiple security layers, and actions are easy to tie to individual users

With UserLock, the IT team now has:

  • Visibility and accuracy on all users’ logon and logoff activity.

  • The ability to flag suspicious access events in real time.

  • Ensure access to the network is identifiable, audited and attributed to an individual user to ensure user actions adhere to company policy.

  • Prevent the inappropriate use of user credentials and stop unauthorized access.

  • A non-disruptive solution that works alongside Active Directory to extend, not replace, its security.

The Result

Security posture shifts from "detect and react" to prevention

UserLock offered a level of security that was not possible with native Active Directory or with scripts. It offers the most accurate audit of when, where and how a user account logged on and off.

Installed in 30 minutes the agent was easy to deploy. This effectiveness made the decision even easier.

UserLock also enforces logon restrictions (times of day, which machines, how many concurrent logins, etc.) to out-rightly prevent many inappropriate use of credentials (whether from an insider or external threat). This helps elevate the organization's security posture from "detect and react" to focusing on prevention.

"Data breaches involving the misuse of credentials usually take months or years to be detected. With UserLock we have a scalable solution that significantly helps to reduce the threat of a security breach."

Wilde Ho - IT Manager