Xerox’s well known Affiliated Computer Services (ACS) division provides IT and data services in nearly 100 countries, and has taken a new approach to improve the security of their business-critical application that transforms government documents into digital records.
2. AGENDA
About Xerox
Full Service Indexing for
Georgia Counties
App & Challenge with
Employee Logging
Use cases for user
activity monitoring @
Xerox Arvo Bowen
Atlanta, Georgia
Xerox ACS
CUSTOMERSPEAKER
3. ABOUT XEROX
Acquired Digital Information Systems
Co. (DISC) in 2002.
Acquired Affiliated Computer Services
(ACS) in 2010.
Provides business process and
document management services and
IT outsourcing
By 2017, business services and IT
outsourcing that stem from ACS are
expected to account for two of every
three dollars Xerox brings in.
Xerox services can be found all over
the world; if you’ve booked airline
ticket, paid parking ticket, filed a
health insurance claim, applied for a
car loan or even in the local Atlanta
airport.
4. FULL SERVICE INDEXING
FOR GEORGIA COUNTIES
We transformed the time-
consuming paper process of
recording land records into a
secure, efficient service.
All vital records are scanned
and converted, and are now
available on the State’s
website.
This allows over 159 Counties
to digitize land records and
record real property documents
– as well as vital statistics
records, including birth
certificates, death certificates,
marriage licenses and more.
5. APP & CHALLENGE WITH
EMPLOYEE PRODUCTION
Our application allows
employees to abstract and
key sensitive information
Rolling out work-at-home
model to boost
productivity
Several started reporting
system issues, providing
generic error information,
and saying they were
unable to work
6. USER ACTIVITY LOGS &
MONITORING
User Activity Logs ensure that
you know exactly who is doing
what with your sensitive data,
systems and applications
Needed to see employees 24/7
without watching them over
their shoulders all day long to
view all transaction processing
Recordings of user actions
provide faster IT
troubleshooting and incident
response with bullet-proof
visual forensics
7. USE CASES FOR USER
ACTIVITY MONITORING
Gain Visibility; Into
Application Usage
Improve
Productivity;
Reports & Usage
Data Audit; Alerting
& Investigating
8. GAIN VISIBILITY; INTO
APPLICATION USAGE
1. Start with a handful of
Users – High-Risk
Employees or Contractors
Poor performing
Two weeks’ notice
Pending layoffs
New hire(s)
2. Start with monitoring a
population of users for a
specific application
9. IMPROVE PRODUCTIVITY;
REPORTS & USAGE
Improved documentation
and reporting of
application usage during
data entry
Visual forensics eliminate
the need to invest the
extensive labor required
on cases
Case creation process
from the research
department
10. DATA AUDIT; ALERTING &
INVESTIGATING
Management wanted to know
when users are logging on
from home
Management gets an email
notification every time
someone logs on or starts
performing activity that is
after hours and weekends
Management keeps all alerts
in a outlook folder to log
activity
Know who’s touching what
data and what they are doing
with it, deleting a file
11. LESSONS LEARNED
Auditing what users do within
sensitive business
applications is critical for
security and troubleshooting
You will be surprised how
users actually interact with
your app and the type of
risky activity that exists
If you don’t have visual
evidence & User Activity Logs,
it’s hard to prove things