Cyber Thursday Bulletin
This week in Cyber Thursday we will discuss on the need to audit your existing LAN and the reasons why it should be audited and assessed more than just once per week.
So here i was talking to a existing customer and as a manager he highlighted the challenge with managing Network Infrastructure and Server, storage team and how they are different from Software and application team. Often they both have really different views to a problem. If one wants performance ( Infra team) and obviously wants to ensure that connectivity with ISP is healthy. The application team is more concerned with limited access to employees and avoid any information sprawl.
This made me think if its really a solution to look at enterprise activity in a single windows. Where we can just point out the finger on the issue and do the RCA ( root cause analysis). Sure i was , the operation teams across various teams use many different tool with various features and licenses; and then one needs to find what tools to be used first versus others and so on so forth.
Whats essential was to have simplified tool tested in an environment, quick demo on demand when needed and that could manage certain fundamental things like.
1.Active directory infrastructure
2. Virtualization infrastructure
3. Office 365 and Vmware environment.
4. Sharepoint environment
5. LAN and Server storage infra ( we started from here!)
My analysis pointed me to Netwrix Auditor. Best part i can schedule online demo when i want. Community edition is free of cost and one upgrade provides all information ( well atleast the basics for SMB enterprise).
What else ? Compliance — yes it does and Auditable report — yes that too.
Cloud environment monitoring – Certainly it does.
Below is an snippet of the tool.
So quiet impressed as i was , i started digging its capabilities around
- Data Governance ( we all need it but we wait for a push!) – Data Access Governance
- Risk Assessment
- Data Remediation- Small or big organization process large amount of date, but we dont know which type of data can cause the issues can cause the data at risk AND how to remediate them. Remove and purge the unneeded data. Avoiding non compliance.
- Ransomware protection – espacially those that encrypt your file and ask us to pay a ransom. i hate them and i have seen those happening a lot past few years in UAE. Well here is a chance to deploy a auditing software to bring the protection proactively.
There are other lot of features i noticed like ediscovery, asset management and storage optimization ( since it can provide exclusive support for EMC and Netapp)
Important questions to be highlighted ( could relate to your environment).
1. How can you identify large amount of data erased from your file servers?
2. Has anyone unique accessed sensitive data past few days?
3. What were data access activities past business hours?
4. High risk insider threat detection…do we know about it?
Having said all the good things, few things went almost unnoticed. The support for other storage and tech vendors seems missing. However, it could be on purpose, but i am yet to know all about it.
What i know is this should be surely checked out once to understand current scenario at your office environment. Espacially if you are only and lonely IT pro in the organization who spends lot of time solving password issues, Wifi password resets, and has to furnish auditable reports. This could surely help against a formidable Ransomware which all of us are really tired with.
Call our great web support team or email (info@Cbt.ae)or comment below and we shall surely be of help.