Security File Activity Monitoring & Protection

Due to the rampant activity within modern organizational networks, auditing file activity has become extremely challenging. Conventional approaches, such as using the built-in file auditing feature of operating systems, are no longer effective. To ensure that the right data is available to the right people and it is used in a secure manner, and that none overstep those boundaries, organizations employ Security File Activity Monitoring & Protection.

Overview

Security File Activity Monitoring & Protection solutions deliver real-time file monitoring, auditing, security and user rights management for files stored on file servers and Network Attached Storage (NAS) devices. They further allow organizations to establish a repeatable workflow for performing access rights reviews while enabling data owners to make access control decisions. These solutions can secure sensitive file data by alerting of unauthorized access and empower you with the option to block it. When a potential misdemeanor occurs, they accelerate forensic investigations through clear, relevant reports and analytics. Moreover, unlike other auditing solutions, the service provided by Odyssey™ does not degrade file server performance.

Characteristics

Our Security File Activity Monitoring & Protection solutions share the following minimum characteristics:
Optimum Auditing and Protection
Analyzes all file activity in real time, providing organizations with a proactive security enforcement layer and detailed audit trail that shows the ‘Who, What, When, Where, and How’ of each transaction. Multi-action alerts and temporary quarantines can be used to protect unstructured data
Deployment Flexibility
The deployment model of the Security File Activity Monitoring & Protection solution is designed to fit the organizational needs of the existing environment, not any single vendor’s solution
Highly Effective
Identifies existing user access rights and facilitates a complete rights review cycle to ensure sensitive file data is accessible only by those with a business need to know
Simplified Management
Incorporated centralized administration ensures changes across the board and reduces management costs
Instrumental Reporting
Capability to generate purpose-built reports, useful for both internal audit and legal/regulatory compliance

Features

Manage User Access Rights to Sensitive File Data
Identify existing user access rights and facilitate a complete rights review cycle to ensure sensitive file data is only accessible by those with a business-related need to know. It streamlines audits and permissions management by reporting on user access rights across all file servers and NAS devices
Alert On or Block Abnormal Activity in Real-Time
Improve native permissions by blocking or alerting on activity that differs from corporate policy. Policy-based blocking enables organizations to stay protected against flaws in directory and file level permissions
Audit Analysis for Incident Investigation & Forensics
Access to both historical and real-time data gives incident response teams accurate visibility into ongoing activity. Real-time capability for user tracking, remediation workflows and production of a large number of pre-defined compliance and forensic reports is provided
Allow Data Owners to Control File Access
Identify data owners by analyzing data usage. Once the data owner is determined, risk is automatically minimized and files are kept secure by directly involving data owners in access rights reviews
High Availability
The key feature in achieving high availability and resilience is the use of Security File Activity Monitoring and an active-passive clustering mechanism. Active-passive clustering offers uninterrupted operations during system updates and maintenance
Audit File Access & Integrity
Continuously monitor and audit all file operations in real time without impacting file server performance or availability

Deployment

Designing and deploying an effective Security File Activity Monitoring & Protection solution is an extremely complex task for any organization. Drawing from our ever-growing expertise, developed through our Technology Risk Solutions and Managed Security Services (MSS) divisions, we determine which business resources are critical and we assess the best deployment method to offer the most effective solution with minimal disruption on your daily business operations.

Remaining Secure

Our suite of post-deployment services is designed to offer further enhancements to your network, systems and applications, as follows:

Maintenance & Support

Integration with ClearSkiesTM NG SIEM-as-a-Service

Full-fledged 24/7 Managed & Security Log monitoring

This solution comprises part of the “Test & Assess’’, ‘’Design & Implement”, ‘’Monitor & Respond’’ and ‘’Consulting’’ phases of our Information Security Continuum (ISC).