ProTip: Using the AIC to Identify Employees Attempting to Access Data They Shouldn’t Be

ProTip: Using the AIC to Identify Employees Attempting to Access Data They Shouldn’t Be

Breaches are an everyday occurrence. IT security professionals work tirelessly to protect against attackers penetrating their organization’s IT infrastructure, but what about the malicious insider?

Do you ever wonder if users in your organization are poking around where they shouldn’t be?

An easy way to investigate, using out-of-the-box capabilities aligned with StealthAUDIT 9.0 and our Access Information Center (AIC), is to leverage the activity information available via STEALTHbits Technologies:

Step 1) Select any “sensitive” folder (for example HR or Finance)

Step 2) Select the “Activity Details” report within the Access Information Center

Step 3) Select the desired timeframe (our recommendation is 2-4 weeks)

Step 4) Ensure the ‘include subfolders’ option is selected

Step 5) Use the ‘Access’ column arrow and select ‘Denied’

You now have a list of users that have tried to access data outside of their defined role.

Happy hunting!

If you have questions, feel free to contact support: https://www.stealthbits.com/support

Want to learn more about StealthAUDIT and/or the AIC and test it out? Email a STEALTHbits sales representative today! Sales@STEALTHbits.com

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.