Upload
observeit
View
565
Download
0
Embed Size (px)
Citation preview
IMPROVING DATA & APP SECURITY
Presented by Arvo Bowen, Security Admin, Xerox
AGENDA
About Xerox Full Service Indexing for
Georgia Counties App & Challenge with
Employee Logging Use cases for user
activity monitoring @ Xerox Arvo Bowen
Atlanta, GeorgiaXerox ACS
CUSTOMER SPEAKER
ABOUT XEROX Acquired Digital Information Systems
Co. (DISC) in 2002.
Acquired Affiliated Computer Services (ACS) in 2010.
Provides business process and document management services and IT outsourcing
By 2017, business services and IT outsourcing that stem from ACS are expected to account for two of every three dollars Xerox brings in.
Xerox services can be found all over the world; if you’ve booked airline ticket, paid parking ticket, filed a health insurance claim, applied for a car loan or even in the local Atlanta airport.
FULL SERVICE INDEXING FOR GEORGIA COUNTIES
We transformed the time-consuming paper process of recording land records into a secure, efficient service.
All vital records are scanned and converted, and are now available on the State’s website.
This allows over 159 Counties to digitize land records and record real property documents – as well as vital statistics records, including birth certificates, death certificates, marriage licenses and more.
APP & CHALLENGE WITH EMPLOYEE PRODUCTION
Our application allows employees to abstract and key sensitive information
Rolling out work-at-home model to boost productivity
Several started reporting system issues, providing generic error information, and saying they were unable to work
USER ACTIVITY LOGS & MONITORING
User Activity Logs ensure that you know exactly who is doing what with your sensitive data, systems and applications
Needed to see employees 24/7 without watching them over their shoulders all day long to view all transaction processing
Recordings of user actions provide faster IT troubleshooting and incident response with bullet-proof visual forensics
USE CASES FOR USER ACTIVITY MONITORING
Gain Visibility; Into Application Usage
Improve Productivity; Reports & Usage
Data Audit; Alerting & Investigating
GAIN VISIBILITY; INTO APPLICATION USAGE
1. Start with a handful of Users – High-Risk Employees or Contractors
Poor performing Two weeks’ notice Pending layoffs New hire(s)
2. Start with monitoring a population of users for a specific application
IMPROVE PRODUCTIVITY; REPORTS & USAGE
Improved documentation and reporting of application usage during data entry
Visual forensics eliminate the need to invest the extensive labor required on cases
Case creation process from the research department
DATA AUDIT; ALERTING & INVESTIGATING
Management wanted to know when users are logging on from home
Management gets an email notification every time someone logs on or starts performing activity that is after hours and weekends
Management keeps all alerts in a outlook folder to log activity
Know who’s touching what data and what they are doing with it, deleting a file
LESSONS LEARNED
Auditing what users do within sensitive business applications is critical for security and troubleshooting
You will be surprised how users actually interact with your app and the type of risky activity that exists
If you don’t have visual evidence & User Activity Logs, it’s hard to prove things
Arvo BowenAtlanta, GeorgiaXerox ACS
THANK YOU!
TRY IT YOURSELF:
observeit.com/tryitnow
Q&A