Optimal visibility into all Active Directory user’s logon logoff activity

Detect, React and Prevent the risk from Improper User Access

Angliss Hong Kong has over 70 years’ experience as a food business in the Hong Kong marketplace. They develop comprehensive programs, guidelines and procedures to cover all aspects of their food service business, such as supplier management, production, packaging and distribution.

The Challenge

When it comes to tracking when, where, how and whether a user account can logon, native Active Directory was failing the IT team at Angliss. There was no easy way to see if a user’s credentials were compromised or be alerted on for any abnormal activity.

The Needs

• Visibility and accuracy on all users’ logon and logoff activity.
• The ability to flag suspicious access events in real-time.
• Ensure access to the network is identifiable, audited and attributed to an individual user - to make sure users actions were adhering to company policy.
• Prevent the inappropriate use of user credentials and stop unauthorized access.
• A non-disruptive solution that works alongside Active Directory to extend, not replace, its security.

The Solution

UserLock offered a level of security that was not possible with native Active Directory or with scripts. It offers the most accurate audit of when, where and how a user account logged on and off.

Installed in 30 minutes the agent was easy to deploy. This effectiveness made the decision even easier.

UserLock also enforces logon restrictions (times of day, which machines, how many concurrent logins, etc.) to out-rightly prevent many inappropriate use of credentials (whether from an insider or external threat). This helps move our security from one of just ‘detect and react’ to a focus on ‘prevention’.

^[1] Verizon, Data Breach Investigations Report (2017)