Products
▸
SearchInform has released an update of the DLP system – from now on, the tool accumulates data on all actions, related to users’ authorization in a single “Authorizations on services” report. With the help of this data information security officer is able to control users’ work accounts on non-corporate services. The report reveals on which services an employee inputs the login credentials, which account and PC are used, how reliable the login credentials are. The level of password complexity is reflected illustratively in the report – in case protection isn’t strong enough the system will send an alert.
With the help of the report, it’s possible to find out if an employee uses the login and password, identical to the corporate ones for login in social media accounts, private email or gaming web site. If so, there is a risk that in case a data leak occurs on a third-party source, internal corporate perimeter may be compromised too. In case the same password with the one in the Active Directory is used on an external source, the system alarms about the threat.
SearchInform DLP report on users’ authorizations
What’s more, facts of a single account usage by a number of staff members are reflected in the report too. When different users log in the same service with a single login/password the systems saves this data. This should be considered as a trigger to initiate a check in order to find out, if the access credentials are used legally. Please note: in case all employees use single account for access to a specific resource, then the system will consider the first user completed the authorization as the account owner.
“Reports may be prepared for a single user and for the whole team as well. They show, which accounts on which sources were used during the specific period of time, obtain accounts, used by a few people simultaneously, assess the complexity of their passwords” – says Alexei Drozd, head of the information security department at SearchInform. “In terms of practice it’s an important tool for an information security specialist. According to the statistics, approximately 50% of employees use the same pair of login-password on different sources. What’s more, they use corporate accounts credentials for private ones too. This poses a risk to the company, which should be taken into consideration. Besides, the report helps to obtain the full unbiased picture of external corporate services usage” – the expert notes.
