User Activity Monitoring

User activity or user behavior analytics (UBA) tracking and monitoring is an essential component of data security. DIGIGUARD can help your small business proactively monitor for and guard against the risks that stem from data access and network privileges. Your business may have protection from external threats, but risk frequently comes from inside your organization. User activity surveillance will help identify access abuse to reduce the risk of data breaches and malware infections. User activity tracking and monitoring can reveal:

• Misuse of data access privileges
• Suspicious user behavior
• Misuse of data protection policies and acceptable use policies
• Inappropriate user behavior
• Data exfiltration and data uploading
• Unapproved application and services downloading

Establishing Data Use Baseline

DIGIGUARD consultants will begin by fully understanding the scope and type of data you store and where it resides. We determine who has access to the data. We tag and track data and set alerts for abnormal file operations. We also look at when and where data is accessed. We will custom-configure data monitoring and tracking by using behavior-based rules. You will get the reports and alerts your business needs to protect data. We consider the following context and activity when establishing the baseline for normal use:

• Data access – Employees, departments, administrators, vendors, customers, contractors
• User behavior – Where, when, who and what data is accessed such as time, location, user and endpoint
• Department, employee and role usage profiles – Establish normal workflow data activity
• File transfer necessity and frequency – Anticipated data sharing
• High-risk activity likelihood – Email and downloading characteristics and functions
• Compliance, audit and authorized user industry requirements
• Existing company policy and employee data use and confidentiality agreements

Discovery and Mitigation of Data Misuse

DIGIGUARD can analyze reports and monitor for emerging threats. We can also adjust reporting to minimize false alarms. When reporting or alarms signal potential malicious activity, we investigate and verify the threat. Whether the abuse is malicious and pre-planned or due to negligence or ignorance, our team of experts will work quickly to stop the spread of malware and stop the flow of data from leaving your business. Alerts can be uniquely configured to provide specific detail such as excessive hard drive usage or alarms for printing certain sensitive and valuable data. We can:

• Investigate suspicious activity
• Respond to malware and other cyberattacks
• Review data misuse alert settings
• Review data segregation and storage
• Review usage and compliance policy
• Document suspicious activity

Policy Development and Training

Employers have the right to monitor activity on company devices. DIGIGUARD can help you define policy starting with pre-built templates. We will work with you to adjust and customize policies for your business. Policies are designed to limit collusion attempts and define comprehensive protection for your company, customer, vendor and partner data. We help you define policies to comply with industry data privacy, safety and auditing requirements. We can present rules and policies to your teams, and conduct workshops and ongoing information security awareness training and education on safe data access and usage. Policies can include rules for:

• Segregating data on a privilege or need-to-know basis
• Performing unscheduled or unauthorized updates
• Appropriate file-sharing activity
• Handling instructions for sensitive data
• Etiquette for or access to unproductive or risky websites for gaming, entertainment or social media
• Using authorized services and applications
• Sharing accounts and using robust passwords
• Restrictions for administrative tools and system protocols

Forensic Evidence and Documentation

DIGIGUARD will help identify and mitigate malicious data activity for your business. We can also document and collect evidence of misuse, risky behavior and activity and evidence of data sharing and exfiltration. We can provide forensic documentation such as screenshots, keystroke logs, capture files, printing, uploading and documenting chain of custody. We can recreate events in context. We will help you prepare documents for audits, reviews, terminations and prosecution.

Contact DIGIGUARD today and find out more about the benefits of user activity monitoring.