An organization’s servers hold vital and sensitive information, yet they are continually exposed to internal privileged users and external third-party contractors who require access to provide crucial business functions. The role these third-party contractors and their employees play is essential, especially in modern corporate life, but they do expose organizations to security threats — once these users have gained access to the servers, most IT security managers have no idea what they are up to. In fact, according to reports from Verizon and Trustwave, nearly 90 percent of data breaches are accomplished via remote access to a company’s systems, but only 1 percent of data breaches are discovered by the victimized organization’s log analysis and/or review process.
In an eBook, “Strangers in Your Servers: Make Working with IT Contractors More Secure,” ObserveIT, a user activity monitoring and analysis solution provider, explains how many companies are addressing the risks associated with third-party access. Prevention-based approaches, like identity and access management (IAM) and access governance solutions, though helpful, are not sufficient. In order for an organization to protect its sensitive data, it must know what users are doing every minute they are logged in — this is where user activity monitoring systems come in. They generate video recordings of every login session — along with detailed user activity audit logs — providing unparalleled insight into what is being done on company servers. When combined with behavioral analysis, these systems fill a major void plaguing cyber security today.
Fortune 500 hundred companies who have begun to implement user activity monitoring systems have reported positive results. Moti Landes, IT infrastructure manager and IT division CISO of Coca-Cola observed, “As soon as vendors discovered that all actions are being recorded, it became much easier to manage them.” Rick Beecroft, area manager of Bellin Treasury, Americas & Pacific Rim, stated, “We enjoy showing off to our customers that every user action is recorded. This increases confidence all around.”
Deploying user activity monitoring and analysis increases an organization’s ability to detect questionable, dangerous, or abusive remote (and internal) user activity. In addition to detecting threats to security, user activity monitoring also makes it easier to get compliant and stay compliant with security aspects of government and industry regulations (e.g., PCI, HIPAA, NERC, FISMA), while reducing security auditing costs.