Law Firm Gains Control over Critical File Shares and Detects Ransomware Faster
Even small law firms handle a lot of sensitive data and struggle to monitor what’s happening around it. Netwrix Auditor closed a large visibility gap for us. Automated reports and alerts help us quickly identify the risks to our data and be proactive towards security. The peace of mind it gives to the IT team and executive management is priceless.
David M. Orschel, IT Director,
Carmody Torrance Sandak & Hennessey
- To secure large amounts of sensitive client data, such as personal information, financial statements and business agreements, the IT director wanted to automate monitoring of user activity across file servers. The document management system in use had gaps in its auditing capabilities and did not provide the detailed information needed to quickly detect aberrant user behavior and other threats to data.
- To avoid service outages and ensure that members of the IT staff perform their jobs properly, the IT director needed automated change and configuration auditing for Active Directory.
Now we are able to assure the C-level management team, which is not technical in nature, that we know what’s going on with all of our users and sensitive data, and prove that our systems are secure with the straightforward Netwrix Auditor reports.
David M. Orschel, IT Director,
Carmody Torrance Sandak & Hennessey
David Orschel, IT Director at Carmody, had been using free tools from Netwrix to troubleshoot account lockouts and automate password expiration notifications, and found them efficient and easy to use. Going with Netwrix Auditor was an easy decision for him, and he especially liked the set of predefined alerts on file activity that could indicate a ransomware attack.
- Visibility into user activity around sensitive data. Netwrix Auditor’s daily reports clearly show what users are doing with sensitive data and provide the essential who-what-when-where details. If David notices unusual actions, such as a change to data access permissions or suspicious file modifications, he can review the complete history of the user’s actions right in the product, ensuring a speedy, in-depth investigation. He pays particular attention to data deletions: Whether it is a user mistake or a departing employee cleaning out data that shouldn’t be removed, Netwrix Auditor alerts him to any unusual activity so he can take action promptly.
- Early detection of ransomware. David especially values that Netwrix Auditor alerts him to anomalous user activity that could indicate ransomware in operation, such as suspiciously high numbers of file reads, failed read attempts, file changes or file deletions. As a result, he can quickly identify the “patient zero” account that has been taken over and respond in a timely manner.
- Increased accountability of privileged users. David uses Netwrix Auditor to validate the IT team’s administrative access and check what they are doing across Active Directory and Group Policy — especially things like adding users to critical security groups and modifying configurations. For example, the software enabled him to detect a GPO applied at the wrong level of the Active Directory tree so he could reconfigure it to prevent disruption to the firm’s operations, and then provide additional training to the IT team member involved.
- Efficient account lockout management. Attorney’s accounts were regularly getting locked out, hurting their productivity and taking a lot of the IT team’s time. With Netwrix Auditor, David and his team can see who has been locked out and start the helpdesk process immediately. They can unlock the account remotely, which saves attorneys 3–5 hours of lost productivity on an average day. They can use the software’s Interactive Search to determine the root cause of the issue, assess whether it was a security incident, and take steps to prevent future lockouts.
- Better security of business-critical data
- Fast detection and response to ransomware
- Individual accountability of privileged users
- Higher user productivity
Carmody Torrance Sandak & Hennessey LLP is a U.S. law firm with offices across the state of Connecticut. The firm comprises more than 75 attorneys who are each skilled in multiple related areas, which enables the firm to practice in nearly 30 areas of law and serve a wide range of businesses, utilities, government entities and individuals.