Audit File Access & User Activity

• No need to configure (or rely on) native-Windows tools. FileSure operates separately, "seeing" all file access activity, but only recording what is important to you.
• Includes reads, writes, creates, deletes, renames, security setting changes and denies on Windows file servers, NAS, and Windows workstations.
• Choose from criteria such as user name, domain group membership, time of day, program accessing the file, usage behavior, thresholds, and much, much more.
• Track file/folder access by name/location or by type of file. You have the flexibility to track everything or very specific things.
• Watch the watchers - Track privileged user access activity and block privileged users as desired.
• Track what files and folders were deleted or renamed so when users call asking where their files/data went you can easily respond.
• FileSure uses so little CPU that it usually shows up as 0%; users won't even know it is there. Advanced processing prioritization; optimized for real-time processing; non-real time item processing is delayed until system capacity will allow it.
• Avoids "audit storms" by collapsing duplicate events and filtering out noise.
• Track user session state changes, remote controls, and logon/logoff activity.

Protect data

• Control access to files and folders without ever touching an ACL (Access Control List).
• Control/manage by all the criteria mentioned above, and not just by user, but also by process. Allowing only people in the Finance group to access Financial data is now easy to accomplish!
• Stop file copies/moves to USB drives, external drives, webmail attach, CD/DVDs, secure FTP, "save as" and more-on both servers and workstations.
• Detect and investigate bulk moves, especially to removable drives or CD/DVD drives.
• Block bulk read or writes; anything more than a threshold you set can be stopped; of course an alert can concurrently be issued.
• Detect and investigate web-mail attach or USB device usage period.
• Control the use of administrative shares so administrators can do what they need to do, yet not see things they shouldn't.
• Stop accidental block deletes - Set a threshold for allowable activity, not just deletes, and then once the threshold is crossed, stop allowing additional access actions to occur and optionally send an alert email that this is transpiring.
• Block cut/paste of sensitive information - automatic clipboard clearing when user changes from one application to another. This will keep them from cutting content from WORD or PDF and inserting it into a webmail email which of course is a separate application (IE, Firefox, Chrome, etc.).

Improve Security
"Defense in Depth"

• Protect from malware zero-day attacks that are able to exploit signature based systems via an approved application list (white-list); If not on the list, it can't be read from the drive in the first place so there is no way it can run.
• Block web-site changes; lock down your web site content and source code from being changed so hackers cannot deface your site or land malicious payloads; Another good side effect is that your developers cannot role out new functionality during the production day. This reduces risk of issues being introduced... yes, you can allow the developers to make updates in a specified time window.
• Ensure file integrity - Monitor all file changes and protect your known executables and configurations from being changed or maliciously replaced.
• Block executables from running from USB attached devices (aka "switchblade attack"). This is accomplished by blocking "read" of any executable files from USB drives!

Comply with regulations and security policies

• Meet requirements for HIPAA, NERC-CIP, PCI DSS, FISMA, FERPA, 21-CFR-11, SOX, and more.
• Many regulations require that you ensure file integrity. Obviously that is easy to accomplish with FileSure.
• Know what privileged users are accessing and doing with your data.
• Know when configurations change.
• Know when new or changed applications are installed.
• Protect from malware, wrong-doers, and inadvertent violations.
• Know what users are accessing and what they are doing with the data - such as hospital patient records, financial data, HR data, customer data, proprietary designs & intellectual property, and even military data.
• Satisfy random auditor requests - Extensive report templates provided out of the box with the ability to create customer reports and even export that data to excel, access, and others for self-search and data filtering/manipulation.
• Meet file integrity monitoring requirements.
• FileSure integrity - Comprehensive self-logging of any FileSure rule changes in the Event Log, Syslog and Data store
• FileSure integrity - FileSure can be invisible on the protected machine and can also be locked so it cannot be shut down.
• FileSure integrity - Availability assurance via regular logged heartbeat.
• FileSure Integrity - Tightly control access to FileSure by only allowing specific administrators to read "Filesure.exe."
• Comprehensive console security for limited access to program configuration and settings.
• Meet log archival requirements via existing backups since FileSure logs are file-based; Ability to search through archived log data simply by placing the log files back in the FileSure directory.

Comprehensive views, reporting, alerting, data export, and user-specific interfaces

• Leverage over 50 report templates as-is and/or build customized reports and queries in minutes.
• Schedule reports and have them emailed and/or saved in a folder in the format you desire (PDF,XLS,CSV, XML, HTML).
• Leverage multiple filtering criteria to view and isolate precisely what you need.
• Alerting by email when certain events or accesses occur or when thresholds are crossed.
• Export audited data to Microsoft Access and leverage our web console to allow non-privileged users, such as auditors and management, to run their own queries to get what they need.
• IT privileged user thick client - Powerful interface for comprehensive policy/rules management, configuration, viewing, reporting, alerting, etc.
• Non-privileged user lightweight interface - Web client for non-privileged users to view and query published data without allowing them access to FileSure.
• Search for trends - see usage trends by user-and then filter by time, file type, the program accessing the files, and much, much more. The result? You find abnormalities you wouldn't have otherwise seen.

Secure DataStore
"No DB required"

• NO database to buy or maintain - Just install and go - no need for database purchase or management, and no involvement of a database administrator.
• Ensure data integrity - We use SQL-Lite which is a file-based data store so it is safe, simple to back up, and allows audit information to be pulled much faster than database retrieval.
• All data at rest is both encrypted and compressed.

Ensure consistency across organization

• Intelligent and distributed rules management. You can define parent and children nodes and have the children obtain their rules from a specific parent. This makes it easy to have one rule set for one department/division of the company and another rule set for another. You also can create local "child" rules in addition to the rules being managed at the parent.

Windows event log support

• FileSure will watch and collect specific events, based on the event IDs, from the Windows event log and write them to the FileSure DataStore. You can also leverage the FileSure viewing, trend analysis, reporting, and alerting on these events just as you would for any FileSure logged activity.
• Optionally write to the Windows security event log and/or syslog in addition to the FileSure log. FileSure will always write to it own DataStore. Supporting the writing to these other logs allows for companies that are leveraging a SIEM (Security Incident and Event Management) solutions to extend those and automatically collect what FileSure logs.