Monitor, Audit and Control Access to Sensitive File Data

Businesses deploy a variety of file security solutions to protect sensitive file data from insider threats and ensure it is kept in compliance with regulations. However, even after making significant investments in infrastructure and staff to protect unstructured data, organizations are still challenged to identify who owns their file data, which users have access rights, and who is actually using the data. These core capabilities are critical to delivering file security and managing file data efficiently day-to-day.

SecureSphere File Security products protect sensitive file data stored on file servers, network attached storage devices, and SharePoint. SecureSphere provides full visibility into data ownership, usage and access rights and enables executives, auditors, security and IT managers to improve data security and meet compliance mandates.

Key Capabilities

• Identify excessive user access rights and enable a complete file rights audit and review cycle
• Audit all access to files including access by privileged users and applications
• Alert on, or block, file access requests that violate corporate policies
• Identify data owners
• Accelerate incident response and forensic investigations through centralized management and advanced analytics

SecureSphere File Security products are part of the SecureSphere Data Security Suite (DSS). DSS extends end-to-end protection to web applications, databases and files.

SecureSphere File Security Products

SecureSphere File Activity Monitoring delivers real-time monitoring and auditing of access to files stored on file servers and network attached storage (NAS) devices. SecureSphere file auditing provides flexible alerting, analytics, and reporting so administrators can document and communicate access activity to key stakeholders, and demonstrate regulatory compliance. FAM includes User Rights Management for Files for file rights auditing.

SecureSphere File Firewall prevents internal abuse and unauthorized access of sensitive file data, and helps ensure file integrity. SecureSphere monitors access activity, generates alerts based on user-defined rules, and blocks access that violates business policy. Centralized management, analytics and reporting accelerate forensic investigations and security incident response. FFW includes User Rights Management for Files for file rights auditing.

SecureSphere for SharePoint helps organizations protect sensitive data stored within SharePoint. It addresses the unique SharePoint security requirements of the platform’s file, Web and database elements, ensuring that users with legitimate business needs can access data and others cannot. SecureSphere enables SharePoint security, SharePoint administration, and IT operations professionals to improve data security, meet compliance mandates and streamline SharePoint permissions management.

SecureSphere Directory Services Monitoring (DSM) helps organizations achieve security and compliance goals for Microsoft Active Directory. It ensures that critical concerns such as separation of duty, privileged user monitoring, escalation of privileges, and other high impact changes are addressed and controlled. SecureSphere Directory Services Monitoring provides continuous visibility into directory services activity that enables security, compliance, and IT professionals to audit, alert, analyze, report, and respond to changes in real-time.

Identifies existing user access rights and facilitates a complete rights review cycle. SecureSphere file rights auditing ensures sensitive file data is accessible only by those with a business need to know. Facilitates rights review cycles by creating a baseline of existing rights, identifying excessive and unused rights, and providing workflow capabilities to specify and communicate changes between all participants in the review process. Included as part of SecureSphere FAM and FFW.

SecureSphere file system agents complement SecureSphere hardware and virtual appliances, monitoring activity directly on file servers to eliminate any monitoring blind spots. Agents can monitor all file access activity, or just local activity. This unique ability allows organizations to deploy an optimized mix of agent-based and network-based activity monitoring.