User Activity Monitoring

Expand all

The Risk

Whereas most organizations are well aware of the security threats posed by external sources, they often overlook threats that come from within the organization. Therefore, while employees, in the course of performing their duties, are given access to organizational network resources including sensitive and valuable information, management is not privy of the threats inherent to providing such access privileges.

User activities such as system administration, file downloading, running of SQL queries, deleting files and editing configuration files can inadvertently or even purposely compromise the security status of the organization.   Given these facts, the ability to understand the origin of the security threat and answer the simple question “Who did what?” is, therefore, fundamental in discovering the root cause.

Moreover, organizations are subject to strict compliance and regulatory requirements, which require them to know any user action, which could impact sensitive data. To meet these requirements, the organization’s compliance officers have been traditionally investing a lot of time and effort towards manually collecting and auditing log files for compliance from each and every system/application deployed in the organizational environment.

Protecting your Organization

User Activity Monitoring (UAM) is a proactive and pre-emptive approach towards effectively managing these risks and compliance requirements as it allows the organization to control system misuse or possible access breaches by malicious insiders. To this end, Odyssey offers best of breed user activity monitoring solutions, which ensure the continuous recording of user activity on computer and network systems providing you with a complete picture of what changes/actions have been performed on these systems.

Our UAM solutions will provide you with the tools necessary to enable you to keep an eye on what insiders or 3rd party users do when they connect to your computer and network systems.  Going a step further, our UAM solutions can document every system process, thus helping you getting to the root cause of system changes and possible downtime.  In essence, you will be able to review actions that take place on your computer and network systems.

This is achieved by recording all user activity for computer and network systems.  This capability becomes instrumental when it comes to addressing regulatory and compliance requirements, which demand total visibility of all access to sensitive data.  Organizations are able to research events that may have caused a breach and by linking certain actions to certain users, the organization is able to understand the users’ intentions.  

In order to recommend the ideal solution based on your overall needs and objectives, Odyssey follows a carefully designed approach that stems from our extensive experience and expertise in dealing with user activity monitoring. 

Our team will begin by examining your existing network architecture and infrastructure and then work with your team to fully understand your organization’s business objectives as well as related compliance and regulatory requirements.  Once we have a holistic understanding of your IT environment, we will discuss with you and explain the functional capabilities and deployment methods of the solution that, we believe, is best suited for your needs. Odyssey will complete the installation and configure the solution to ensure that the functional, recording and reporting capabilities meet your organization’s demands. 

The installation and deployment of a user activity monitoring solution will considerably contribute to the overall improvement of your computer and network system’s security environment. At the same time, you will be increasing productivity, as you will spend less time investigating internal breaches and configuration errors/ mistakes. At the same time you will be able to generate compliance reports regarding user’s actions.

Doing it right: Our Privileged User Activity Monitoring Solutions’ Key Features and Benefits

Our Privileged User Activity Monitoring solutions are largely characterized by the following key features and benefits:

Key Features

Benefits

Video recording capturing of user activity

Easy and timely gathering of information required for troubleshooting and auditing purposes, by sorting and grouping information based on user id

Enables easy investigation of suspicious activity by showing an account of each user’s exact activity on systems

User activity reports can be used as compliance evidence towards meeting legal/ regulatory requirements

Generation of textual audit logs

Logs based on actual user actions provide a precise trail of the user’s actions in a simple, readable format

Ability to integrate user activity text logs with Security Information Event Management solutions Integration with log analysis tools allows for security oversight and compliance reporting
Privileged Identity Management by requiring administrators to add secondary login credentials for access

Adds an additional level of system access control for accessing sensitive resources

Eliminates the shroud of secrecy associated with generic IDs

Send policy and status updates to each user exactly as they log in to server

Ensures that corporate policies are understood and acknowledged

Captures admin support ticket number for issue tracking

Ability to request second password to replay user activity videos

Satisfies the most stringent privacy protection regulations

Ensures both audit completeness, as well as employee privacy

Real time playback of session activity recordings Capability to view session activity "on the air", while users are still active

 

Remaining Secure – Support tailored to your needs

We very well understand that to remain effective, a security deployment requires constant monitoring, fine-tuning, updating and maintenance.  These requirements may prove a burden your small/medium business is not poised to undertake.  We have, therefore, structured our post-deployment services so that you may have the level of support you need, in order to achieve maximum return on your investment, with the least of worries.

Our suite of post-deployment services range from simple Maintenance and Support, to full-fledged Managed Security & Outsourcing Services.

This solution comprises part of the “Design & Implement” phase of our Information Security Continuum (D&I).