BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

DLP, Insider Threats, File Auditing and Reporting

Posted February 13, 2012    Morgan Holm

The growth of the cloud, virtualization and the consumerization of IT continue to provide companies and end users with more flexibility. However, they also raise some challenges for IT departments. One such challenge that is commonly discussed is data loss prevention (DLP), or the ability to identify, monitor and protect sensitive corporate information. 

While some advanced technologies and policies have specifically been designed and deployed for this purpose, including email archiving and USB lockdown, many organizations still lack central visibility into and appropriate auditing capabilities for their distributed file servers and sensitive files. In many organizations these servers are distributed and physical locations range from centralized data centers to closets in branch offices, which often house sensitive financial, HR and corporate intellectual property (IP). While many layers of protection may be implemented, a fundamental layer of protection should include the ability to monitor, alert, and report on these files, as well as the access/change activity for both general users and the administrators of the systems.

Native Tools Are Not Enough

While Microsoft native tools provide some auditing and permission reporting for these distributed servers, they have several drawbacks including:

1. Complexity: Setting up and enforcing native file auditing and permissions across distributed file servers are complex and lacks central management and control.

2. Decentralization: Access and change audits are written to the native logs, which are decentralized and cryptic.

3. No Central View: Native tools do not provide a central view of audit events (“Who is doing what”) and permissions (“Who could do what”).

4. Limited Reporting: Native tools do not provide enterprise level reporting which includes central visibility, granular filtering, and time based comparisons.

With all of these drawbacks and manual processes, how should you manage and monitor file access within your environment today? 

For organizations serious about DLP, ensuring compliance with standards such as HIPAA, and protecting their IP from insider threats, BeyondTrust offers a robust and automated suite of Windows file server solutions.

The BeyondTrust Solutions

BeyondTrust users can set up central auditing policies to be deployed across corporate file servers. Each policy has the necessary granularly to audit specific files and folders with complete include/exclude controls. Once the policies are deployed, users can perform centralized access and change reporting (“Who is viewing and changing my data”) by scheduling reports that are delivered to data owners automatically, as well as timely reviews for all monitoring folders and files—all using a simplified web console. In addition, users can perform centralized Privilege reports (“Who has access to my data”), which includes access changes to group memberships and delta comparisons between time periods. All of these reports can be filtered by resource name, user name, server name, event type, etc, to provide maximum visibility and control. Additionally, for very sensitive folders—perhaps a finance directory—users can configure real-time alerts that can be delivered to data owners automatically. 

Important Questions—Easy Answers

Ever wonder why a particular file was changed or deleted? Ever lose a file only to find out later that someone moved it to another server or folder? Ever been asked to find out who had access to a file 3 weeks ago?

If you need the answer to any of these types of questions have a look at PowerBroker Auditor for File System and PowerBroker Privilege Explorer. The answers will be at your finger tips. 

Tags:
, , , , , , ,

Leave a Reply

Additional articles

gartner market guide image - aug 2014

Introducing the Gartner Market Guide for Privileged Account Management

Posted July 29, 2014    Chris Burd

Gartner recently released a new Market Guide for Privileged Account Management (PAM), and we’d like to share a complimentary copy with you. The report includes PAM market analysis and direction, vendor overviews, and recommendations for selecting PAM solutions for your environment. BeyondTrust is one of two representative vendors (out of 20) to address all solution…

Tags:
, , , , , , , ,
Integrating Least Privilege and Password Management to Solve Account Security Challenges

Integrating Least Privilege and Password Management to Solve Account Security Challenges

Posted July 24, 2014    Morey Haber

There is a reason all BeyondTrust Privileged Account Management (PAM) solutions share the PowerBroker name: They all inherently enable you to reduce user-based risk and can be integrated under a centralized IT risk management platform. Here’s one common use case that demonstrates how this integration changes the playing field. Consider the challenge of privileged access:…

Tags:
, , , , ,
PowerBroker Password Safe Password Age Report

Reshaping Privileged Password Management with Password Safe 5.2

Posted July 21, 2014    Martin Cannard

Today, we’re pleased to unveil the latest edition of our privileged password management solution, PowerBroker Password Safe. I’ll start with a brief intro of what’s new and then tell you a little about the driving factors behind Password Safe development. New features for mitigating password risk and ensuring accountability enterprise-wide Here’s the 10,000-foot overview of…

Tags:
, , ,