As law can apply to virtually any area of our professional lives, those working in the corporate legal profession such as Cleaver Fulton Rankin have perhaps access to a broader array of sensitive information than any other sector. From intellectual property, to the finer points of a company merger, through to sensitive financial information.
As one of Northern Ireland’s leading corporate law firms, the importance of integrity and reputation rests on their ability to protect this sensitive information. The certification of compliance to IS027001 is a powerful indication to customers that it takes security seriously.
Ability to interpret file server access logs for IS027001 compliance
At the core of the ISO 27001 compliance mandate is the desire to keep sensitive data secure, only allowing access to those who need it for business reasons. To both know and demonstrate that this is the case requires visibility into who has access, who is using access, and what actions are being taken upon this protected data.
Cleaver Fulton therefore needed a granular and detailed audit trail that they could present to any auditors to demonstrate proper access controls were in place to protect sensitive information against unwanted access.
Previously limited to the data found in Windows Security Event logs, Paul Rickerby, IT Manager at Cleaver Fulton Rankin, described working with native Windows logs as “getting an awfully large lump of data that took hours to dig through to find or report on anything of value.”
Paul wanted a solution that could make it easier to monitor and record all file access and also be alerted to potentially suspicious behavior.
Monitor access to and usage of sensitive data – The Easy Way
Paul was looking for an intuitive third-party solution to provide the centralized monitoring and reporting of all file activity needed.
The capabilities required included:
- Real-time logging of all access and access attempts to files and folders across the Windows system.
- All audit log data needed to be easily accessible to be reviewed, filtered, searched etc.
- Automatic alerts based on matching criteria to actions deemed suspicious, or any access to certain highly sensitive folders and files.
- Ability to generate sharable reports that showed a granular and detailed audit trail.
On testing FileAudit, the installation and configuration of the software took about 15 minutes. Paul commented, “It just works out of the box. The initial set up was very straight forward and intuitive, with lots of good videos online to help. I also took advantage of a remote support session to help on more advanced criteria – the team proved to be very knowledgeable and made it all very easy.”
Prove that compliance-specific access controls are in place.
In many cases, compliance requirements establish the security objective, and then provide details on how to test that the objective is being met. File auditing is your testing method to ensure the security you think you have around your protected data is actually doing its job.
Having FileAudit in place has helped Cleaver Fulton reach required appendices for the ISO standards.
FileAudit is used to demonstrate only approved access has occurred. Alerting and reporting can provide both real-time and historical detail - including identifiable factors like machine name, IP address, etc. Robust filtering capabilities help quickly answer the questions posed by auditors.
FileAudit shows key insights on the access to and usage of a particular data set.
The need to have the access to and usage of sensitive data under close watch is critical to meeting these compliance objectives.
Paul said “It satisfies the need for an access audit trail for ISO 27001 very easily. Simple reports bring it all together for me and alerts show auditors that we can control access into the most sensitive folders. I would recommend FileAudit for compliance needs and better visibility on what’s going on your file servers.”
To learn more about how file auditing helps meet compliance objectives, read the whitepaper The Role of File Auditing in Compliance.