Business Overview
This customer is a full-service international powerhouse with approximately 2,000 attorneys in 27 offices around the world, covering the United States, Europe, the Middle East and Asia. In 2008, it became the first US-based law firm to attain more than $2 billion in yearly revenue. Their departments are each recognized as leaders in the legal profession.The firm has one of the largest and most sophisticated litigation practices in the world, offering expertise in a multitude of substantive areas.Our environmental practice has been at the forefront of this rapidly changing area for the last two decades and was named as the top firm in the world for environmental expertise. The firm has a long and rich history in tax matters, dating back to founding partner Dana Latham, former Commissioner of the US Internal Revenue Service.
Challenge
Because of the characteristics of business, the firm has ton of sensentive data processes by thousands of its laptops and servers worldwide. Those sensitive information must be protected very carefully to meet the diverse compliance requirements by the regulations and industry standards. Potential data leakage and internal abuse could bring disastrous impact to the core business of the firm.
The IT team is responsible for most operation and maintenance job of the IT infrastructure which plays the critical role to protect those sensitive data. Further, there are a few engineers from outsourcing partners who have to access the sensitive data. These bring more challenges to the data protection. How to make sure the operations and maintenance jobs are following secure guidance? How to make sure the Segregation of Duties (SoD) are correctly implemented? How to record the sensitive and critical operations to the data centrally so that they can be replayed in the future for forensics purpose? How to monitor the network behavior and find potential anomaly from a credible viewpoints? Those challenges are sharp pains to the IT management before they chose and deployed Session Auditor finally.
Solution
Session Auditor was deployed at the critical network segments to record all the network traffic between servers and their maintenance terminals, both internal and outsource parties. The recorded operation data was centrally stored and analyzed. The separate role of internal auditor monitors and tracks all the suspect network behaviors reported by Session Auditor. Regular reports on network behavior and analysis are generated and submitted to management team and archieved for external auditor review.
Benefits
Session Auditor brings great business value to this customer. They are:
- All the network operations to targeted sensitive data are recorded and analyzed. This brings confidence and guarantee to the management team.
- Complete operation records provides best forensics resource and enhances the compliance of the firm.
- Session Auditor helps mitigate the potential dissension between the firm and outsourcing partners.
News & Events
- Cutting-Edge Network Behavior Audit Technology from BMST
- Session Auditor supports X-Window now!
- Session Auditor is enhanced with HP RGS support!
- Session Auditor supports Citrix ICA
- Session Auditor Lite released today!
- BMST gets Hi-Tech Enterprise Certificate!
- BMST Office Moves to new location
- Session-Auditor v1.5 released
- BMST was founded with cutting edge inline RDP/SSH audit product!