According to an IBM Study, 60% of attacks come from inadvertent or malicious insider misuse. The importance of ensuring you’re able to keep track of what your most privileged IT users are doing cannot be understated.
So, ensuring you have the appropriate means to track your most privileged users, and ensuring that granting of access rights is appropriate, should be a critical part of all IT security strategies. Here are a few of the key questions we believe all organisations should be able to instantly answer.
Who is Making Changes to Your IT Systems and Were They Authorised?
Ensuring that people aren’t making unauthorised changes is a critical part of any IT security plan. You need to know in real time when critical changes are made. You need to have a simple, and proactive means of spotting anomalies in changes, changes to password policies, security groups or access rights and permissions.
Using LepideAuditor provides you with real time threshold alerting and a LiveFeed of changes as they happen, along with hundreds of directly relevant security related reports.
Have User Rights to Your Critical IT Systems Changed Recently?
In this instance, we’re talking about Active Directory; arguably the most important part of any modern IT environment. If your Active Directory is breached, compromised or abused – the implications are significant. To ensure a secure environment, we think it’s important that you operate a least privilege approach and ensure only those that really need to have permissions to make changes have them.
This ultimately means you need a way to instantly report on when Active Directory permissions change. Using LepideAuditor, we provide you with both event and threshold based reports showing you precisely this – as well as a clever rollback functionality to reverse any unwanted changes.
Who Currently Has Which Permissions to Your Most Sensitive Files and Folders?
Often permissions sprawl out of control and end up being provided through memberships, resulting in inappropriate levels of access being granted to the wrong users. Given than insider threats are the single biggest cause for data leakage, you need to ensure you exercise a least privilege approach to your data to avoid becoming the next headline.
The first step in achieving this is ensuring you know who currently has which permissions to your most sensitive files and folders.
Why You Need a Third Party Solution
Here’s how to tell. How quickly would you know if a file/folder permission was added or modified? If the answer is more than 30 seconds, then you need a third-party solution.
Aside from state in time reporting on permissions, perhaps the most time-consuming part of ensuring a least privilege approach is keeping track of permissions being granted. Intentional or unintentional, the implications of data access being granted to the wrong user can have dire consequences. Proactive auditing ensures your most sensitive data doesn’t end up in the wrong hands either in error or through abuse.