Who is accessing the M&A VP’s email account?
A security breach is uncovered during a routine audit. Someone has access to the mailbox belonging to the head of mergers and acquisitions. With the company’s ongoing and highly sensitive M&A discussions, this unauthorized access couldn’t have come at a worse time.
To determine who has access and how this happened, someone on staff with deep technical knowledge is required. Determining who performed a specific action is not possible in the Microsoft environment without significant PowerShell knowledge and an important investment of resources and time.
But to compound the problem, could the same person with those skills be the person who created the breach? For this reason, most enterprise security issues require the use of an external 3rd party security firm. That’s both expensive and time consuming. Or, they could use Cloud Control.
Cloud Control tracks, audits and reports all system operations regardless of operator. That places access and transaction data in the hands of management in real time, tamper-proof and dead accurate. Date, time, username, account in question, operation and who executed it, are automatically tracked by Cloud Control and can provide the CIO the answers he needs.
As it turns out, the suspected security breach turns out to have been a night shift technician who enabled full mailbox access while doing authorized testing after-hours – and inadvertently disabled access on the test conclusion. One minute for Cloud Control to report the occurrence vs. hours or days of costly and awkward security audits!