IMPROVING DATA & APP SECURITY

Presented by Arvo Bowen, Security Admin, Xerox

AGENDA

About Xerox Full Service Indexing for

Georgia Counties App & Challenge with

Employee Logging Use cases for user

activity monitoring @ Xerox Arvo Bowen

Atlanta, GeorgiaXerox ACS

CUSTOMER SPEAKER

ABOUT XEROX Acquired Digital Information Systems

Co. (DISC) in 2002.

Acquired Affiliated Computer Services (ACS) in 2010.

Provides business process and document management services and IT outsourcing

By 2017, business services and IT outsourcing that stem from ACS are expected to account for two of every three dollars Xerox brings in.

Xerox services can be found all over the world; if you’ve booked airline ticket, paid parking ticket, filed a health insurance claim, applied for a car loan or even in the local Atlanta airport.

FULL SERVICE INDEXING FOR GEORGIA COUNTIES

We transformed the time-consuming paper process of recording land records into a secure, efficient service.

All vital records are scanned and converted, and are now available on the State’s website.

This allows over 159 Counties to digitize land records and record real property documents – as well as vital statistics records, including birth certificates, death certificates, marriage licenses and more.

APP & CHALLENGE WITH EMPLOYEE PRODUCTION

Our application allows employees to abstract and key sensitive information

Rolling out work-at-home model to boost productivity

Several started reporting system issues, providing generic error information, and saying they were unable to work

USER ACTIVITY LOGS & MONITORING

User Activity Logs ensure that you know exactly who is doing what with your sensitive data, systems and applications

Needed to see employees 24/7 without watching them over their shoulders all day long to view all transaction processing

Recordings of user actions provide faster IT troubleshooting and incident response with bullet-proof visual forensics

USE CASES FOR USER ACTIVITY MONITORING

Gain Visibility; Into Application Usage

Improve Productivity; Reports & Usage

Data Audit; Alerting & Investigating

GAIN VISIBILITY; INTO APPLICATION USAGE

1. Start with a handful of Users – High-Risk Employees or Contractors

Poor performing Two weeks’ notice Pending layoffs New hire(s)

2. Start with monitoring a population of users for a specific application

IMPROVE PRODUCTIVITY; REPORTS & USAGE

Improved documentation and reporting of application usage during data entry

Visual forensics eliminate the need to invest the extensive labor required on cases

Case creation process from the research department

DATA AUDIT; ALERTING & INVESTIGATING

Management wanted to know when users are logging on from home

Management gets an email notification every time someone logs on or starts performing activity that is after hours and weekends

Management keeps all alerts in a outlook folder to log activity

Know who’s touching what data and what they are doing with it, deleting a file

LESSONS LEARNED

Auditing what users do within sensitive business applications is critical for security and troubleshooting

You will be surprised how users actually interact with your app and the type of risky activity that exists

If you don’t have visual evidence & User Activity Logs, it’s hard to prove things

Arvo BowenAtlanta, GeorgiaXerox ACS

THANK YOU!

TRY IT YOURSELF:

observeit.com/tryitnow

Q&A