Mazères Aero is a family-owned company with 70 employees in Toulouse, France, and is recognized as a specialist in the integration and maintenance of aircraft landing gear equipment.
The company is also one of the few SMEs to be considered a Tier 1 supplier to Airbus. As a supplier to the European aerospace giant, the company has very high cybersecurity requirements and has been working since 2017 with BoostAeroSpace, the consortium that set up the AirCyber program which aims to promote and advance cybersecurity among Tier 1 suppliers.
The Challenge
Securing network access and monitoring access to sensitive files
With the announcement of the 2020 lockdown and the shift to Laurent Riethmuller, the IT security systems manager, needed to implement an MFA solution to protect his network and sensitive data from unwanted and unauthorized access.
Riethmuller was looking for a solution that would control concurrent sessions, to avoid sharing login and password information.
Access to confidential documents was also a concern for Mazères Aero. Operating in an ultra-competitive environment, it was important to the IT team and management that only authorized individuals could access sensitive documents.
In addition, because of its status as a Tier 1 provider, the company must commit to a very high level of cybersecurity, therefore being aware of everything that happens on the network and files.
The Solution
Simple but effective access protection and monitoring solutions
Riethmuller first discovered IS Decisions' FileAudit. FileAudit offered Riethmuller the ability to monitor sensitive files and folders and to track who is doing what, when and on which file. After testing and purchasing FileAudit, he received a free trial of UserLock.
He quickly discovered how UserLock allowed him to easily and efficiently secure Active Directory identities on site, remotely or in the cloud, especially thanks to its multi-factor authentication (MFA) solution. MFA ensures that the user is who they say they are through authentication via a push notification, an authentication application or a programmable software token such as Token2 or Yubikey, depending on the IT manager's choice.
UserLock also allows contextual restrictions to be applied to a user or a group of users, thus blocking all connections that do not meet these conditions. Thanks to this feature, Riethmuller was able to set up access restrictions based on the number of simultaneous connections. He liked how UserLock also allows administrators to close a session remotely.
Deployment of both solutions was done during the pandemic, and Reithmuller was able to simply and easily deploy remotely.
The Result
A higher level of protection with UserLock and FileAudit
The company now uses UserLock and FileAudit to secure Active Directory identity access to the network and to sensitive data in accordance with Airbus’s strict security requirements.
In addition to securing access with MFA, the solution also meets Riethmuller’s other requirements, since it offers Wake-on-LAN functionalities as well as simultaneous session controls.
With FileAudit, the IT team can carefully monitor the most sensitive files, and grant rights according to need to know, along with simplifying auditing and reporting.
UserLock and FileAudit are simple, affordable, and intuitive solutions, and we are fully satisfied with their ease of use.
Laurent Riethmuller
Process Improvement & IT Systems Leader