User Activity Monitoring

User Activity Monitoring

Sometimes the greatest threat lies from within. Organizations nowadays encounter a large number of malicious attacks coming from people on the inside. These attacks could be in the form of fraud, theft of confidential or commercially valuable information, theft of intellectual property, or simply downtime of computer systems.

Overview

An internal threat comes from people within the organization such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data and computer systems. Insiders are responsible for 90% of security incidents. This has driven organizations to manage security risk thoroughly, especially the one stemming from privileged users and high-risk users. By capturing video playback of policy violations and comprehensive metadata related to what people are doing, organizations enjoy real-time visibility across their environment without translating log data or investigating multiple systems.

Characteristics

Our User Activity Monitoring solutions share the following minimum characteristics:
Optimal Protection
Video capture of incidents such as file copying, mass printing and visiting prohibited websites is provided while the activities are score-prioritized based on the level of risk; thus security teams identify which activities to monitor and possess irrefutable video evidence of security violations
Minimize Risk
The risk of an insider threat is reduced by instant detection while ensuring that the employees remain compliant with organizational policy. Ultimately, every compliance violation can be traced back to the specific actions of a particular user
Highly Effective
Swift investigation and report during and after an incident. With unambiguous video evidence, less time is spent going through log data and multiple systems
Increase Security Awareness
Whether a user copies data onto a USB drive, downloads programs or performs other activities that create security risk, you can enable pop-up notifications that educate and provide compliant alternatives in real-time

Features

Alerting
With full visibility into user actions within any application, the User Activity Monitoring solution is able to precisely detect out-of-policy behavior and alert on malicious and unintentionally risky behavior
Shared Account Identification
Built-in privileged user identification solution ensures unambiguous identification of individual users who use shared accounts
Privacy Protection
Adheres to government privacy regulations by offering optional 4-eyes (dual password) session playback privacy protection
Session Recording
Monitors and records all user activity on Windows and Unix/Linux servers and desktops

Deployment

Drawing from our ever-growing expertise, which is being developed through our Network Infrastructure Solutions and Managed Security Services (MSS) divisions, we first assess your organization’s needs based on your existing infrastructure, network architecture, applications and systems’ setup. Once we have a well-rounded understanding, we proceed by proposing the best-suited User Activity Monitoring solution that fits your environment.

Remaining Secure

Our suite of post-deployment services is designed to offer further enhancements to your network, systems and applications, as follows:

Maintenance & Support

Integration with ClearSkiesTM NG SIEM with Big Data and Security Analytics

Full-fledged 24/7 Managed & Security Log monitoring

This solution comprises part of the “Test & Assess’’, ‘’Design & Implement”, ‘’Monitor & Respond’’ and ‘’Consulting’’ phases of our Information Security Continuum (ISC).