Regional Council Eliminates Security Blind Spots and Reduces the Likelihood of a Breach

Bevan Hussey, Systems Officer at Queanbeyan-Palerang Regional Council, had been using Netwrix products at his previous job, so he recommended Netwrix Auditor once he joined the Council. He cited the product’s ease of use as the primary reason for making that recommendation. With the solution, his team has been able to gain the following benefits:

• Full control over changes. Bevan doesn’t have to juggle multiple auditing tools, because Netwrix Auditor provides access to the complete audit trail in a centralized platform. He checks activity summaries on a daily basis to see what happened across the organization’s most critical systems: Active Directory, Exchange, VMware and Windows Server. Delivered in a unified and consistent way, this information enables him to quickly detect and investigate anything out of ordinary, such changes to Group Policy, modifications of virtual machines or elevated account permissions.
• Prompt detection of malicious activity. Bevan especially values that Netwrix Auditor helps his team detect unusual activity that can indicate a malicious insider or compromised account and thwart it before any damage is done. For example, the software alerts him to excessive numbers of failed logon attempts, a user being added to the powerful Domain Admins group, and other activity that could indicate a threat.
• Improved IT staff accountability and education. Bevan also uses Netwrix Auditor to ensure that the actions of IT staff do not violate security policies or disrupt business workflows. For instance, if an admin accidentally adds a user to a privileged group or improperly revokes access rights, he can detect it and resolve the issue right away, as well as provide additional training to that employee.