Académique Documents
Professionnel Documents
Culture Documents
ObserveIT User Group: Technical Support ObserveIT User Group: Information Security ObserveIT User Group: Infrastructure
- Monitors over 100 shared user accounts during Unix / Linux sessions - PHI protection/monitoring critical business applications (PeopleSoft etc.) - Currently deploying to track all HTC contractor access and sessions
- Investigates suspicious behavior such as running SUDO (super user) commands - Focused on applications that don't have own logging capability due to visibility gap - Access is restricted to Citrix terminal servers where all activity is monitored
- "We provide forensic visibility w/in Linux that’s unlike any other tool" - "We love the ability to maintain user privacy in apps like BoA and Gmail" - Needed proof of monitoring capabilities from Canadian government mandate
ObserveIT User Group: Infrastructure ObserveIT User Group: Information Security ObserveIT User Group: Network Infrastructure
- Troubleshooting when issues occur during third party access - Capturing all outside vendor actions when interacting with PHI data - Mandatory company policy to monitor all third party activity on VDI sessions
- Use us to avoid any "finger pointing" from 20+ vendors and contractors - Vendors have constant access to over 100 servers - Track specific vendor file access, configuration changes that are made
- "One click investigations make this incredibly easy" - They were using Symantec DLP but nothing gave them visibility like ObserveIT - Love the ability to search for specific users and date / time stamps
ObserveIT User Group: Information Security ObserveIT User Group: Enterprise Computing Services ObserveIT User Group: Information Security
- 70 outside contractors only use desktops with OIT installed - Monitoring Siemens remote vendors and privileged user activity on critical servers - Monitoring remote vendor sessions within secure environments hosted by Citrix
- Have caught several contractors lying about total hours worked - Set up alerts and report for when servers or applications go down - Smart Auditor was not a robust enough platform to handle security requirements
- Created reports whenever privileged users try to stop key services running on servers - Smart Auditor also very clunky, not well supported by Citrix. Just an add on feature
ObserveIT User Group: Information Security ObserveIT User Group: Information Security ObserveIT User Group: Network Infrastructure
- Monitors 200 IT users who can access or modify any critical banking application -Need to monitor any access to PCI data, specifically vendors that are making config changes - Their clients have mandate to record any interactions with their data
- Used to comply with FDIC audits and reduces audit times by 5x - Most concerned around investigating fraud incidents - Uses ObserveIT metadata reports and screen captures to verify data integrity
- "The fact that we can audit activity within any application is incredible" - No other product could provide this visibility on Linux / Unix servers - "ObserveIT helps us acquire new client relations due to these safeguards."
ObserveIT User Group: Information Technology ObserveIT User Group: Compliance and Security
- Monitoring contractors on Windows Servers & Linux/Unix - Specifically monitoring database access, change control for SOX compliance
- They had an incident on a server that wasn't covered making investigation painful - Specific high risk actions include privilege escalation, new user creation, system tampering
- "The ability of the tool to show exactly vendors are doing is unparalleled." - Also concerned with shared account hopping and large file copy events
ObserveIT User Group: Information Technology ObserveIT User Group: Information Services
- Requirement to monitoring all employees that have access to PII in hosted apps - Auditing access to HR files, folders and applications hosting PII data
- Need to know where PII data is moving via print jobs, USB access and downloads - Real time alerts set on out of policy behavior (USB activity, large copy/paste)
- "Ease of use is huge benefit. Only takes one "non-technical" person to run ObserveIT" - Highest priority target is authorized users snooping and sharing client information
ObserveIT User Group: Information Security ObserveIT User Group: Information Technology
- Court system requires monitoring of all government employees and officials - Monitoring 1,800 business user VDI sessions through Citrix
- Discovered priv users harvesting passwords, pirating movies, creating backdoor access - Had incidents with data fraud in the past with no way to investigate what was occurring
- "The best tool for full visibility and quick investigations." - OIT forensic capability works exactly as intended - ensures nothing suspicious is happening