SlideShare a Scribd company logo
CASE STUDY

UserLock empowers

Pernambuco State Traffic Department
to better protect sensitive information
for over 2000 employees

Customer

Solution

Detran-PE: Pernambuco State

With UserLock, a customized access policy can be

Traffic Department

set and enforced to permit or deny user logins.
Concurrent sessions can be prevented and access
restricted to specific workstations or devices, time,
business hours and connection type (including Wi-Fi).

Industry
Government

Result
Reduced risk to the organization’s data through

Geography

effective network access management and monitoring.

Brazil

Password sharing between users has been stopped

Challenge
Sensitive data on the Windowsbased network was being put at risk

through the prevention of concurrent logins,
Up to 90% less time is spent manually monitoring and
auditing user activity on the network.

by unauthorized user access and

An effective control of time for when the network can

uncontrolled user behavior.

be accessed

‘‘

With UserLock, we have
an effective network access
management tool that is
very simple to manage and
easy to understand. It has
helped simplify IT’s work by
reducing between 70 to 90%
the time spent monitoring
and auditing network access
of all users.

’’

Antônio Fernandes S. Oliveira
Network Manager
Pernambuco State Traffic Department
CASE STUDY

USERLOCK EMPOWERS PERNAMBUCO STATE TRAFFIC DEPARTMENT TO BETTER PROTECT SENSITIVE INFORMATION

The Challenge

State Traffic Department need to control and secure
‘traffic’ to the network

Pernambuco State Traffic Department in Brazil is a
very busy organization, having, amongst other tasks, to
monitor all the state’s traffic, issue driver’s licenses and
vehicle license plates. The IT department is no less busy,
with responsibility for approximately 2000 users spread
over more than 100 different divisions.
In such an organization like the State Traffic Department, unauthorized access to information, whether
it is from inside or outside the organization, can have
serious consequences. It is therefore of utmost importance for the department to be able to enforce security
rules that control network and data access.
To meet these needs with native Active Directory security, several Group Policies were in place for software
restriction and approved audit, a strict password setting
policy (based on size, history and complexity) was enforced and all admin access was restricted to only support users.
Despite these measures the IT department noted several on-going security risks linked to user behavior
and their network access, often without the users even
being aware of the risks at hand. For example, access
to the network out of business hours, connection from
unauthorized external locations, and, very frequently,
password sharing.

“

Before UserLock we did not have an effective

access login management, and because of that
anyone could access the network at any place and
time, and as many times as they wanted.

”

“Network security is a critical problem for most companies, and security in Windows-based networks relies
heavily on a user’s login credentials”, said Antônio Oliveira, Network Manager. “The problem is that native
Windows-based network controls does not limit the number of possible logins for a single user. On many occasions, users give their passwords to colleagues or other
people, without being aware that this can cause them
serious trouble: a user’s login is their signature and any
problem related to it becomes their responsibility. By li-

miting the number of concurrent logins, the network is
better protected.”
Solving these issues required a whole new level of access security and user login management, in order to
eliminate these risk factors and better protect information on the group’s network.

The Solution

UserLock addresses very specific but important gaps
in managing the security of Windows infrastructures.

The team set out the following objectives a new solution
would accomplish:
Location management - to prevent unsecure
connections from outside locations.
Time management - to avoid users connecting
to the company network outside of designated
hours.
Improved network access reporting - to help with
the daily management of users.
Concurrent login management - to reduce the
risk of users sharing their passwords.
Having been able to put the software to the test in
their own specific environment, they found that UserLock met exactly the department needs to be able to
restrict access of network users, limit access per user,
and prevent concurrent logins. The team also found the
solution extremely effective in helping with the audits
conducted by the organization.
In addition, the ability to receive alerts on suspicious
CASE STUDY

USERLOCK EMPOWERS PERNAMBUCO STATE TRAFFIC DEPARTMENT TO BETTER PROTECT SENSITIVE INFORMATION

access events, coupled to the possibility to take control
via remote session when needed, also proved to be a
significant plus.
With its simple deployment process, the team rapidly
installed UserLock and started controlling user access
and protecting the network. “It took us about 48 hours
to deploy. First on the server and then across all locations
through the automatic deployment system provided by
the software.”
During their daily use of the software, Antônio Oliverira and his team did note one possible improvement; to
end users sessions, once the time limit was exceeded.
This feedback was taken on by the development team
at IS Decisions, who added this feature to their software
within the next product release.
“The support given by IS Decisions was excellent, especially because they are open to new ideas. We contacted
them to address the matter of ending the sessions of users
exceeding their network access time limit, and after our
feedback a new function was added in the subsequent
version.”

The Benefits

Reduced risk to the organizations data through effective network access management and monitoring

In using UserLock, Antônio Oliveira states that Pernambuco State Traffic Department can now deliver
effective network access management across all its locations. “Before UserLock we did not have an effective access login management, and because of that anyone could
access the network at any place and time, and as many
times as they wanted.”
UserLock has helped reduce the risk of security breaches
to the organization’s data and realize time savings when
it comes to monitoring, auditing and reacting to suspicious access events.
Through the prevention of concurrent logins for
95% of their users, password sharing between
users has now been stopped.
Access to users can now be restricted and limited
based on multiple criteria, including workstation
or devices, time, business hours and connection
type.
All user access can be monitored in real-time
with IT able to remotely and instantly react to any
suspicious events.
Time spent manually monitoring and auditing
network access has been reduced by up to 90%,
freeing up resources for other tasks.
“With UserLock, we have an effective network access management tool that is very simple to manage and easy to
understand. It has helped simplify IT’s work by reducing
between 70 to 90% the time spent monitoring and auditing network access of all users”

Some other UserLock customers
FBI, DEA, UN, Barclays, BNP Paribas, Ministry Interior Saudi
Arabia, Bank of Kuwait, South Wales Police, NHS, University

Download a UserLock FREE TRIAL version

WWW.USERLOCK.COM

of Leeds, NATO, City of Paris, ...

www.isdecisions.com | info@isdecisions.com
Technopôle IZARBEL - Créaticité Bât. A
BP12 - 64210 Bidart - FRANCE
Phone: +335.59.41.42.20 - Fax: +335.59.41.42.21

More Related Content

What's hot

Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesLeMeniz Infotech
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsEswar Publications
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-PracticesOctogence
 
Analytical survey of active intrusion detection techniques in mobile ad hoc n...
Analytical survey of active intrusion detection techniques in mobile ad hoc n...Analytical survey of active intrusion detection techniques in mobile ad hoc n...
Analytical survey of active intrusion detection techniques in mobile ad hoc n...eSAT Publishing House
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemCheapSSLsecurity
 
Ieee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsIeee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsSteph Cliche
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurancebdemchak
 
Intrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningIntrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningeSAT Journals
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
IRJET- Fingerprint based Folder Lock
IRJET- Fingerprint based Folder LockIRJET- Fingerprint based Folder Lock
IRJET- Fingerprint based Folder LockIRJET Journal
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklistbackdoor
 
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTING
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTINGNETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTING
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTINGNishanth Gandhidoss
 
From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...NetIQ
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudSwapna Shetye
 
Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Huntsman Security
 
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for SmartphonesComparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphonesiosrjce
 

What's hot (20)

Android security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defensesAndroid security a survey of issues, malware penetration, and defenses
Android security a survey of issues, malware penetration, and defenses
 
Network srcurity
Network srcurityNetwork srcurity
Network srcurity
 
C02
C02C02
C02
 
Security Solutions against Computer Networks Threats
Security Solutions against Computer Networks ThreatsSecurity Solutions against Computer Networks Threats
Security Solutions against Computer Networks Threats
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-Practices
 
Analytical survey of active intrusion detection techniques in mobile ad hoc n...
Analytical survey of active intrusion detection techniques in mobile ad hoc n...Analytical survey of active intrusion detection techniques in mobile ad hoc n...
Analytical survey of active intrusion detection techniques in mobile ad hoc n...
 
Healthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend ThemHealthcare IT Security Threats & Ways to Defend Them
Healthcare IT Security Threats & Ways to Defend Them
 
Ieee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systemsIeee project-2014-2015-context-based-access-control-systems
Ieee project-2014-2015-context-based-access-control-systems
 
Security and information assurance
Security and information assuranceSecurity and information assurance
Security and information assurance
 
Intrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern miningIntrusion detection and anomaly detection system using sequential pattern mining
Intrusion detection and anomaly detection system using sequential pattern mining
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
IRJET- Fingerprint based Folder Lock
IRJET- Fingerprint based Folder LockIRJET- Fingerprint based Folder Lock
IRJET- Fingerprint based Folder Lock
 
Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action Is Antivirus (AV) Dead or Just Missing in Action
Is Antivirus (AV) Dead or Just Missing in Action
 
Security Policy Checklist
Security Policy ChecklistSecurity Policy Checklist
Security Policy Checklist
 
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTING
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTINGNETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTING
NETWORK INTRUSION DETECTION AND NODE RECOVERY USING DYNAMIC PATH ROUTING
 
From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus Cloud
 
Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)
 
User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016User_Access_IIA-LA_3-9-2016
User_Access_IIA-LA_3-9-2016
 
Comparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for SmartphonesComparative Study on Intrusion Detection Systems for Smartphones
Comparative Study on Intrusion Detection Systems for Smartphones
 

Similar to Windows Network Access Control for Government Traffic Department

Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusRisk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusIS Decisions
 
Information Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockInformation Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockIS Decisions
 
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISESMACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISESIRJET Journal
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprisehardik soni
 
International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)inventionjournals
 
Computer Security.pptx
Computer Security.pptxComputer Security.pptx
Computer Security.pptxKENNEDYDONATO1
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)Ahmed Banafa
 
PortalGuard Platform
PortalGuard PlatformPortalGuard Platform
PortalGuard PlatformPortalGuard
 
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingKaren Oliver
 
IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...
IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...
IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...IRJET Journal
 
Dashboard of intelligent transportation system (ITS) using mobile agents stra...
Dashboard of intelligent transportation system (ITS) using mobile agents stra...Dashboard of intelligent transportation system (ITS) using mobile agents stra...
Dashboard of intelligent transportation system (ITS) using mobile agents stra...IJECEIAES
 
A Dashboard of ITS - Tableau de bord du STI
A Dashboard of ITS - Tableau de bord du STIA Dashboard of ITS - Tableau de bord du STI
A Dashboard of ITS - Tableau de bord du STIn allali
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information securityAhmed Banafa
 
IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions
 

Similar to Windows Network Access Control for Government Traffic Department (20)

Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of CyprusRisk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
Risk from internal users in Banking. A Case-Study of UserLock and Bank of Cyprus
 
Information Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLockInformation Security in the Banking Sector. A Case Study on UserLock
Information Security in the Banking Sector. A Case Study on UserLock
 
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISESMACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PREMISES
 
5
55
5
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprise
 
International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)
 
Computer Security.pptx
Computer Security.pptxComputer Security.pptx
Computer Security.pptx
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
 
PortalGuard Platform
PortalGuard PlatformPortalGuard Platform
PortalGuard Platform
 
P3
P3P3
P3
 
IDS Research
IDS ResearchIDS Research
IDS Research
 
Remote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal ThingRemote Access Policy Is A Normal Thing
Remote Access Policy Is A Normal Thing
 
IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...
IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...
IMPLEMENTATION PAPER ON MACHINE LEARNING BASED SECURITY SYSTEM FOR OFFICE PRE...
 
Dashboard of intelligent transportation system (ITS) using mobile agents stra...
Dashboard of intelligent transportation system (ITS) using mobile agents stra...Dashboard of intelligent transportation system (ITS) using mobile agents stra...
Dashboard of intelligent transportation system (ITS) using mobile agents stra...
 
A Dashboard of ITS - Tableau de bord du STI
A Dashboard of ITS - Tableau de bord du STIA Dashboard of ITS - Tableau de bord du STI
A Dashboard of ITS - Tableau de bord du STI
 
33
3333
33
 
P3 m2
P3 m2P3 m2
P3 m2
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
 
“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security“Verify and never trust”: The Zero Trust Model of information security
“Verify and never trust”: The Zero Trust Model of information security
 
IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.IS Decisions Company Overview. Solutions to secure your Windows Network.
IS Decisions Company Overview. Solutions to secure your Windows Network.
 

More from IS Decisions

Security Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsSecurity Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsIS Decisions
 
UserLock 9 Technical Presentation
UserLock 9 Technical PresentationUserLock 9 Technical Presentation
UserLock 9 Technical PresentationIS Decisions
 
Mitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial SectorMitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial SectorIS Decisions
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsIS Decisions
 
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...IS Decisions
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheetIS Decisions
 
School Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudySchool Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudyIS Decisions
 
FileAudit Presentation | Windows File System Auditing
FileAudit Presentation  | Windows File System AuditingFileAudit Presentation  | Windows File System Auditing
FileAudit Presentation | Windows File System AuditingIS Decisions
 
UserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksUserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksIS Decisions
 
FileAudit Datasheet
FileAudit DatasheetFileAudit Datasheet
FileAudit DatasheetIS Decisions
 
UserLock Datasheet
UserLock DatasheetUserLock Datasheet
UserLock DatasheetIS Decisions
 
RemoteExec Presentation
RemoteExec PresentationRemoteExec Presentation
RemoteExec PresentationIS Decisions
 
IS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions
 
IS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions
 
WinReporter Presentation
WinReporter PresentationWinReporter Presentation
WinReporter PresentationIS Decisions
 

More from IS Decisions (15)

Security Breaches from Compromised User Logins
Security Breaches from Compromised User LoginsSecurity Breaches from Compromised User Logins
Security Breaches from Compromised User Logins
 
UserLock 9 Technical Presentation
UserLock 9 Technical PresentationUserLock 9 Technical Presentation
UserLock 9 Technical Presentation
 
Mitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial SectorMitigating Insider Threats within the Banking & Financial Sector
Mitigating Insider Threats within the Banking & Financial Sector
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
 
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...Oklahoma City Public Schools stops users sharing Windows Network Login with U...
Oklahoma City Public Schools stops users sharing Windows Network Login with U...
 
RemoteExec DataSheet
RemoteExec DataSheetRemoteExec DataSheet
RemoteExec DataSheet
 
School Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case StudySchool Network Security. Camden City School District Case Study
School Network Security. Camden City School District Case Study
 
FileAudit Presentation | Windows File System Auditing
FileAudit Presentation  | Windows File System AuditingFileAudit Presentation  | Windows File System Auditing
FileAudit Presentation | Windows File System Auditing
 
UserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows NetworksUserLock Presentation | Access Security for Windows Networks
UserLock Presentation | Access Security for Windows Networks
 
FileAudit Datasheet
FileAudit DatasheetFileAudit Datasheet
FileAudit Datasheet
 
UserLock Datasheet
UserLock DatasheetUserLock Datasheet
UserLock Datasheet
 
RemoteExec Presentation
RemoteExec PresentationRemoteExec Presentation
RemoteExec Presentation
 
IS Decisions in the NUMB3RS
IS Decisions in the NUMB3RSIS Decisions in the NUMB3RS
IS Decisions in the NUMB3RS
 
IS Decisions Company Presentation
IS Decisions Company PresentationIS Decisions Company Presentation
IS Decisions Company Presentation
 
WinReporter Presentation
WinReporter PresentationWinReporter Presentation
WinReporter Presentation
 

Recently uploaded

ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupCatarinaPereira64715
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2DianaGray10
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineUXDXConf
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastUXDXConf
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀DianaGray10
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxAbida Shariff
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeCzechDreamin
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1DianaGray10
 
Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Boni Yeamin
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKUXDXConf
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyUXDXConf
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureFemke de Vroome
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...CzechDreamin
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoTAnalytics
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekCzechDreamin
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfChristopherTHyatt
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessUXDXConf
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101vincent683379
 

Recently uploaded (20)

ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2UiPath Test Automation using UiPath Test Suite series, part 2
UiPath Test Automation using UiPath Test Suite series, part 2
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.Enterprise Security Monitoring, And Log Management.
Enterprise Security Monitoring, And Log Management.
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in Technology
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 

Windows Network Access Control for Government Traffic Department

  • 1. CASE STUDY UserLock empowers Pernambuco State Traffic Department to better protect sensitive information for over 2000 employees Customer Solution Detran-PE: Pernambuco State With UserLock, a customized access policy can be Traffic Department set and enforced to permit or deny user logins. Concurrent sessions can be prevented and access restricted to specific workstations or devices, time, business hours and connection type (including Wi-Fi). Industry Government Result Reduced risk to the organization’s data through Geography effective network access management and monitoring. Brazil Password sharing between users has been stopped Challenge Sensitive data on the Windowsbased network was being put at risk through the prevention of concurrent logins, Up to 90% less time is spent manually monitoring and auditing user activity on the network. by unauthorized user access and An effective control of time for when the network can uncontrolled user behavior. be accessed ‘‘ With UserLock, we have an effective network access management tool that is very simple to manage and easy to understand. It has helped simplify IT’s work by reducing between 70 to 90% the time spent monitoring and auditing network access of all users. ’’ Antônio Fernandes S. Oliveira Network Manager Pernambuco State Traffic Department
  • 2. CASE STUDY USERLOCK EMPOWERS PERNAMBUCO STATE TRAFFIC DEPARTMENT TO BETTER PROTECT SENSITIVE INFORMATION The Challenge State Traffic Department need to control and secure ‘traffic’ to the network Pernambuco State Traffic Department in Brazil is a very busy organization, having, amongst other tasks, to monitor all the state’s traffic, issue driver’s licenses and vehicle license plates. The IT department is no less busy, with responsibility for approximately 2000 users spread over more than 100 different divisions. In such an organization like the State Traffic Department, unauthorized access to information, whether it is from inside or outside the organization, can have serious consequences. It is therefore of utmost importance for the department to be able to enforce security rules that control network and data access. To meet these needs with native Active Directory security, several Group Policies were in place for software restriction and approved audit, a strict password setting policy (based on size, history and complexity) was enforced and all admin access was restricted to only support users. Despite these measures the IT department noted several on-going security risks linked to user behavior and their network access, often without the users even being aware of the risks at hand. For example, access to the network out of business hours, connection from unauthorized external locations, and, very frequently, password sharing. “ Before UserLock we did not have an effective access login management, and because of that anyone could access the network at any place and time, and as many times as they wanted. ” “Network security is a critical problem for most companies, and security in Windows-based networks relies heavily on a user’s login credentials”, said Antônio Oliveira, Network Manager. “The problem is that native Windows-based network controls does not limit the number of possible logins for a single user. On many occasions, users give their passwords to colleagues or other people, without being aware that this can cause them serious trouble: a user’s login is their signature and any problem related to it becomes their responsibility. By li- miting the number of concurrent logins, the network is better protected.” Solving these issues required a whole new level of access security and user login management, in order to eliminate these risk factors and better protect information on the group’s network. The Solution UserLock addresses very specific but important gaps in managing the security of Windows infrastructures. The team set out the following objectives a new solution would accomplish: Location management - to prevent unsecure connections from outside locations. Time management - to avoid users connecting to the company network outside of designated hours. Improved network access reporting - to help with the daily management of users. Concurrent login management - to reduce the risk of users sharing their passwords. Having been able to put the software to the test in their own specific environment, they found that UserLock met exactly the department needs to be able to restrict access of network users, limit access per user, and prevent concurrent logins. The team also found the solution extremely effective in helping with the audits conducted by the organization. In addition, the ability to receive alerts on suspicious
  • 3. CASE STUDY USERLOCK EMPOWERS PERNAMBUCO STATE TRAFFIC DEPARTMENT TO BETTER PROTECT SENSITIVE INFORMATION access events, coupled to the possibility to take control via remote session when needed, also proved to be a significant plus. With its simple deployment process, the team rapidly installed UserLock and started controlling user access and protecting the network. “It took us about 48 hours to deploy. First on the server and then across all locations through the automatic deployment system provided by the software.” During their daily use of the software, Antônio Oliverira and his team did note one possible improvement; to end users sessions, once the time limit was exceeded. This feedback was taken on by the development team at IS Decisions, who added this feature to their software within the next product release. “The support given by IS Decisions was excellent, especially because they are open to new ideas. We contacted them to address the matter of ending the sessions of users exceeding their network access time limit, and after our feedback a new function was added in the subsequent version.” The Benefits Reduced risk to the organizations data through effective network access management and monitoring In using UserLock, Antônio Oliveira states that Pernambuco State Traffic Department can now deliver effective network access management across all its locations. “Before UserLock we did not have an effective access login management, and because of that anyone could access the network at any place and time, and as many times as they wanted.” UserLock has helped reduce the risk of security breaches to the organization’s data and realize time savings when it comes to monitoring, auditing and reacting to suspicious access events. Through the prevention of concurrent logins for 95% of their users, password sharing between users has now been stopped. Access to users can now be restricted and limited based on multiple criteria, including workstation or devices, time, business hours and connection type. All user access can be monitored in real-time with IT able to remotely and instantly react to any suspicious events. Time spent manually monitoring and auditing network access has been reduced by up to 90%, freeing up resources for other tasks. “With UserLock, we have an effective network access management tool that is very simple to manage and easy to understand. It has helped simplify IT’s work by reducing between 70 to 90% the time spent monitoring and auditing network access of all users” Some other UserLock customers FBI, DEA, UN, Barclays, BNP Paribas, Ministry Interior Saudi Arabia, Bank of Kuwait, South Wales Police, NHS, University Download a UserLock FREE TRIAL version WWW.USERLOCK.COM of Leeds, NATO, City of Paris, ... www.isdecisions.com | info@isdecisions.com Technopôle IZARBEL - Créaticité Bât. A BP12 - 64210 Bidart - FRANCE Phone: +335.59.41.42.20 - Fax: +335.59.41.42.21