User Activity Monitoring

The Challenge

Companies are investing in high availability systems and performance monitoring solutions for data centres, but are failing to follow best practice procedures to avoid human errors.

As complexity grows in IT infrastructure, administrators are searching for solutions that will help them effectively monitor and maintain these environments. But oddly enough, the simple question “Who last accessed the server and what did he do?” remains one of the toughest questions to answer. This is despite the variety of system management tools in use today. It is not enough to just monitor servers and applications when the #1 cause for server downtime is human error.

The problem of maintaining uptime is exacerbated by the increased dependency on using outsourced consultants, contractors or other users who have access to the administration account. This situation brings a decrease in direct accountability and visibility.

Who Touched This Server?

The first thought that comes to mind of any IT administrator during a system outage is “Who touched this server?” If the question can be answered, it has two benefits. In most cases, it immediately points to the cause of the outage. And even if it does not, it at a minimum will eliminate some subset of the other possible causes.

What Don’t We Know ?

Who has touched this servers and what has been done to it that we don’t know? How do we know that the administrators of this serves has not acted deceitfully or deviously? This is by far the biggest security question and a major gap in organisations security defence.

The Solution

Using ObserveIT technology, you can have the visibility into all user activity within any window server session, whether they are performed through remote access or console access. With support for Terminal Services, Citrix, Remote Desktop, PC-Anywhere, VNC and NetOP, ObserveIT is agnostic to protocol and to client application. In addition to capturing all screen activity for each user action, ObserveIT extracts meta-data on the state of the operating system and the

applications in use, enabling precise identification of user actions and impact. No matter what method of user access, all activity can be searched and replayed in a single unified view.

With human error being responsible for 56% of server outages, ObserveIT lets you solve your most painful problems in the most direct path possible:

  • 1. See what was done.
  • 2. Undo it.

Avecto Privilege Management

Defendpoint Privilege Management assigns privileges to applications, not users, allowing you to remove admin rights and protect the operating system. With this flexible approach, individuals can still access the documents, tasks and scripts they need to perform their job roles so that they can be productive without security compromise.

  • Eliminate admin rights
  • Assign privileges directly to applications
  • Protect the endpoint from insider threats

Datasheet – Privilege Management

Application Control

Defendpoint Application Control solves the traditionally difficult challenge of managing business applications. With its advanced capabilities, you take a more pragmatic approach to whitelisting so that users retain the flexibility they need to be productive. Simple yet highly effective management makes it possible to maintain application control across even the largest enterprise.

  • Block unauthorized applications
  • Handle diverse user needs flexibly
  • Defend against zero day and targeted attacks

Datasheet – Application Control


Defendpoint Sandboxing extends security coverage to the most common entry point for malware and hackers – the internet. Using Windows native security to isolate web-borne threats, your corporate data is protected by a safety net, while the end user experience remains seamless.

  • Capture web-borne threats
  • Isolate untrusted activity
  • Secure your data from malware