West Africa’s busiest marine terminal chooses UserLock and FileAudit to protect its network against unauthorized access.
DP World is one of the five largest marine terminals in the world. It has a portfolio of more than 65 terminals across six continents and handles over 10% of the world’s containers. Headquartered in Dubai, its flagship facility Jebel Ali has been voted Best Seaport in the Middle East for 20 consecutive years. The organisation manages DP World Dakar Terminal, West Africa’s largest and most modern container terminal.
DP World Dakar Terminal employs 350 people with 254 requiring regular access to the organisation’s network across the 150 computers onsite.
To manage authorised logins and file access across shared devices on the network
The IT department takes care of the network and security needs and has to ensure that all access to the network is managed carefully. It is a competitive industry so there is an emphasis on monitoring access activity to ensure that company information is kept confidential.
Concurrent logins was a cause for concern. With over 250 employees working across 150 computers, there was bound to be confusion over who is logged in where. Often more than one person would be logged on to the same computer, or individuals would be logged into multiple machines at once. This resulted in bad resource management, not to mention the significant security risks associated with a lack of ability to identify individual users’ network access activity.
Managing access to files and folders was also a key issue. It was difficult to audit files that were accessed, moved or even deleted, which resulted in a serious security concern regarding documents that were being emailed to people outside the organisation without authorisation.
Simple to administer, simple to manage
The network and system engineer discovered IS Decisions one day when he was updating his LinkedIn profile and came across a discussion about UserLock. It looked like a solution that could address the problems DP World Dakar was having with user identification and concurrent logins. So after reading more about the product, he decided to sign on for the trial. And once the trial was complete, he recommended the department to purchase 350 licences.
UserLock helped IT personnel manage access across the network as they could see who was accessing what information, from where and what time they were using the system.
The IT department set up shared folders using Active Directory (AD). However, with AD, it was difficult to investigate and find out who was logging in and accessing certain files and folders on the network. If someone was accessing the system remotely, that made it even more difficult.
DP World Dakar looked into IS Decisions’ other product, FileAudit, for the ability to monitor and audit access to files on the system. As with UserLock, the trial software was used before the purchase of 10 licenses, one per server. It was the ideal solution in helping the team keep track of where and when files were accessed, if they were moved or deleted and identify the person responsible.
Giving the right access to files and the network to increase security
The initial set up for UserLock and FileAudit was easy, taking less than five minutes. And when DP World Dakar went from the trial to the full licenced products, this was also a smooth transition.
One of the key benefits is that network access and login activities can be monitored without disrupting the work of employees. With UserLock, if someone is attempting to access the network either with a password that has been compromised or even with a valid password in a restricted location or by a restricted session type, they will be denied access to the network and the IT department will be notified so that they can investigate further. This is a broader security feature that UserLock offers.
Having the UserLock administrator profile makes things easier because if someone is logged on to a computer and it crashes, the administrator can remotely help that person log out of the crashed device.
A unique benefit of using UserLock and FileAudit together is that once an employee has been verified that they are who they say they are, the organisation can be confident that it is that very employee with that user ID who is accessing files on the shared drive. The actions then made on those files, such as editing, copying or even deleting can be tracked with FileAudit.
The IT team has renewed licences for UserLock and FileAudit every year since 2013.
Access control is not about controlling employees but about setting security protocols in place at an infrastructure and network level that allows them just the right access to perform their tasks effectively and securely. UserLock and FileAudit provide the technology for us to be able to put these protocols in place.