Ensemble Consulting markets and supports file system auditing and Security (Data Loss Protection). We know that it’s important to secure your information yet make it available to keep business running. As you know, loss of credit card and personal data causes irreparable harm to a company and can have a huge financial impact on both institutions and individuals. In order to address these issues such as internal data leak, first look at ways to secure your file servers which store intellecture properties, HR records, financial reports, patient records, and other confidential files. IT management needs to have a good visibility into the following:
track employee file use
-
track file access by both employees and processes
-
block file copying, find lost files and protect sensitive information by controlling access to files and folders
-
meet company security compliance needs with pre-built yet extremely customizable reporting and alerting
Game-Changer
Our proven and cost effective solution from ByStorm Software’s FileSure works like no other product on the market. It provides reporting when you need it, security where you need it, but it also gives you DLP like no one else can! FileSure allows access to files but block the ability to steal them.
We achieve this by extending its reach to workstations and laptops and allowing you to restrict access to a file by application. For example, you can configure the solution to allow only Microsoft Excel to read spreadsheet files. As simple as this approach may seem, with this one rule, you can stop virtually all digital data loss of Microsoft Excel files. Consider the following examples:
Emailing spreadsheet by email client: Outlook must be able to read the spreadsheet before it attaches it. FileSure can block this Outlook read operation and prevent anyone from attaching and sending the file.
-
Emailing spreadsheet by Gmail, Yahoo, or any other web-based e-mail system: the browser that the web-based email system uses, whether it be Internet Explorer, Firefox, or some other browser, must be able to read the spreadsheet. FileSure can block the read operation by the browser and prevent the thief from attaching and sending the file.
-
Copying spreadsheet to flash drive: Windows Explorer must be able to read the file before it can copy it to a flash dive. FileSure can prevent Windows Explorer from reading the file, which in turn prevents Windows Explorer from copying the file to a flash drive.
-
Encryption: FileSure can block the encryption program from reading and encrypting the file.
Also, FileSure also has many other useful, simple ways to help you. Go to File System Auditing & Security for details.
No other product offers this noise-free auditing and reporting or patent-pending security technology—let alone both together in one solution.
Essential SQL Auditing
In addition to protecting your file server, we strongly encourage IT management to establish the ability to audit changes in your production databases. In this respect, we have close partnership with IDERA Software which provides feature-rich SQL Server database auditing and security analysis (vulnerability assessment).
The database auditing is based on IDERA’s SQL Compliance Manager. Created 8 years ago, Idera has been working closely with Ernst & Young to develop auditing requirements. E&Y is the auditing firm that conducts audits at my business location so it helps to have an auditing tool inspired by the auditors themselves.
SQL Compliance Manager is a comprehensive auditing solution that uses policy-based algorithms to track changes to your SQL Server objects and data. SQL Compliance Manager gives you detailed visibility to determine who did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers.
SQL Compliance Manager also helps ensure compliance with regulatory and data security requirements such as SOX, PCI, GLBA, HIPAA(HITECH), and Basel l and II. SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, selects, updates, schema modifications and permission changes to SQL Server databases.
SQL Security Analysis Tool
If you also need to identify security gaps in your database, SQL Secure from IDERA Software will help to achieve this objective. It helps you eliminate security holes and verify your SQL Server security model. SQL Secure does this by performing rights analysis across SQL Server, Active Directory and Windows and calculating the effective access rights for any user, object or access control.
With SQL Secure, not only can you view the effective rights of particular users or groups, but you can also select an individual database object, and see who has what rights on that particular object, and how those rights were granted. SQL Secure also allows you to assess changes made to access rights so you can easily remediate unwanted changes. In addition to rights analysis, SQL Secure also collects and evaluates security settings within SQL Server, and provides recommendations to improve server security.
Password Self-Service
With increasing demand for password management as part of corporate auditing compliance, we remain focus in providing you “a simple solution to a complex problem”. You will realize that FastPass Corp provides enterprise quality Password Self-Service solutions for your SAP, Oracle, IBM i / AS 400, Windows Active Directory, Citrix, Linux, and custom applications.
Password management has, by tradition, been bundled with and coupled with Identity Management and the Identity Product suites. And while the IDM projects tend to last years due to the complexity and widespread impact, the basic need for helping and solving the password issue is somewhat overseen by the vendors. As a consequence, in many of the projects the password capabilities was either not implemented or not used by the end-users due to the lack of functionality, ease of access etc. leaving the business case and the ROI in the projects incomplete. Besides that a lot of companies don’t have an appetite for large IDM projects, but are very interested in getting rid of the password pain that strikes the Service Desks largely and take up resources that are better used elsewhere.
Go to our Password Self-Service page for details.