Case study

Optimal visibility into all Active Directory user’s logon logoff activity

  • Customer

    Angliss

  • Industry

    Food Service

  • Geography

    Hong Kong

After analyzing several other options, we found UserLock gave us the most accurate visibility on all user’s logon and logoff activity. In addition, its ability to easily enforce logon restrictions allows us to not only detect and react to abnormal logon activity but prevent the inappropriate use of credentials.

Wilde Ho, IT Manager

Detect, React and Prevent the risk from Improper User Access

Angliss Hong Kong has over 70 years’ experience as a food business in the Hong Kong marketplace. They develop comprehensive programs, guidelines and procedures to cover all aspects of their food service business, such as supplier management, production, packaging and distribution.

To better protect their proprietary information as well as their IT resources, Angliss were looking to guard against unauthorized and improper user access.

The Challenge


When it comes to tracking when, where, how and whether a user account can logon, native Active Directory was failing the IT team at Angliss. There was no easy way to see if a user’s credentials were compromised or be alerted on for any abnormal activity.

The Needs


  • Visibility and accuracy on all users’ logon and logoff activity.
  • The ability to flag suspicious access events in real-time.
  • Ensure access to the network is identifiable, audited and attributed to an individual user - to make sure users actions were adhering to company policy.
  • Prevent the inappropriate use of user credentials and stop unauthorized access.
  • A non-disruptive solution that works alongside Active Directory to extend, not replace, its security.

The Solution


UserLock offered a level of security that was not possible with native Active Directory or with scripts. It offers the most accurate audit of when, where and how a user account logged on and off.

Installed in 30 minutes the agent was easy to deploy. This effectiveness made the decision even easier.

UserLock also enforces logon restrictions (times of day, which machines, how many concurrent logins, etc.) to out-rightly prevent many inappropriate use of credentials (whether from an insider or external threat). This helps move our security from one of just ‘detect and react’ to a focus on ‘prevention’.

Data breaches involving the misuse of credentials usually take months or years to be detected [1]. With UserLock we have a scalable solution that significantly helps to reduce the threat of a security breach.

[1] Verizon, Data Breach Investigations Report (2017)

Video Presentation
UserLock video Watch the video
Some other UserLock customers