IS Decisions today announced the release of version 4.0 of UserLock, a solution to control and secure accesses to Windows networks.

UserLock 4.0 comes with numerous new features and enhancements, including:

Ability to enforce a stricter security policy
- by defining working hours for protected users: outside of this(these) timeframe(s), users will be logged off with prior warning
- by defining maximum session time for protected users: when the time is over, users will be logged off with prior warning

Improved granularity of administration by giving certain users the ability to view and manage sessions without having access to more critical UserLock settings

More powerful reporting capacities
- with the ability to display reports from the Web console
- with 2 new reports: Agent Distribution (view of the agent installation status on all computers of the protected network zone) and User sessions (instantaneous view of all user session at display time)
- with the ability to automatically generate reports at regular intervals, to update for example a Web site or to email

Enhanced end-user experience
-  with a public Web interface to display system usage (per session status), allowing users to easily find an available computer
- with the ability for users to remotely close their previous session as they logon to another computer, avoiding them from having to go back to their previous computer

Windows Vista compatibility

…

Detailed info and fully-functional trial version

Forrester Research recently announced the availability of its latest research report titled “Calculating The Cost Of A Security Breach.”

According to the report, one third of the respondents acknowledged having had to cope with a data breach, half of them reported significant related costs, and 43 % said the costs of customer notification and loss of business could be counted in the fall-out from a data breach.

Forrester concluded that the costs of a data breach vary widely, from about US$90 to US$305 per customer record, depending whether the breach is “low-profile” or “high-profile” and the company in a non-regulated or highly regulated area, such as banking.

These figures underline the necessity of using appropriate tools to perform frequent security audits.

Using FileAudit, IT Security officers are able to identify in a click users who accessed sensitive/confidential data and at what time, to archive the access events for files and folders and display them in a printable report.

Check out FileAudit features and download a free trial version

A public beta version of UserLock 4 is available. This version is freely downloadable and can be installed on a test environment.

With this beta version, a warning message will be displayed to users during the logon in order to indicate that this beta version should only be installed on a test environment.

You will find an up-to-date list of all new features in UserLock 4 at the following links:
Feature list with screenshots
Feature lists without screenshots

If you are interested in installing this beta version in your production environment please enroll UserLock 4 Beta Program by sending an Email to support@isdecisions.com.

Our Support Team will then give you instructions to safely perform your tests and to remove the beta warning.

Download UserLock 4.0 Public Beta

You are invited to participate in the Beta Program for UserLock 4.0!

UserLock is a unique software solution that secures access to Windows networks by restricting simultaneous sessions, by limiting user access to the network and by providing administrators with remote session control, alert options and advanced reporting for session analysis.

A beta version of UserLock 4.0 will be released shortly.

If you are interested in participating in the beta program – or for more information – please send an Email to:
support@isdecisions.com

The IT Policy Compliance Group recently announced the availability of its latest research report titled “Taking Action to Protect Sensitive Data.”

According to the report, 20% of organizations are suffering from 22 or more sensitive data losses per year. The most sensitive losses include customer, financial, corporate, employee, and IT security data, which is either stolen, leaked, or destroyed.

The IT Policy Compliance Group report outlines recommendations to help organizations improve sensitive data protection. These include increasing the frequency of audits and measurements.

Using FileAudit, IT Security officers are able to identify in a click users who accessed sensitive/confidential data and at what time, to archive the access events for files and folders and display them in a printable report.

Check out how

Daylight Saving Time change occurred on Sunday, March 11, 2007 and, if not properly updated, your Windows systems could be missing critical events or deadlines.

In order to keep your backups running, your appointments in synch, and other schedule-oriented activities occurring on time, you should audit all your servers, desktops and laptops, and verify if they have been correctly patched.

You can do it enabling the following WinReporter audit: “DST Update for Windows (KB931836) is not installed“, and reviewing WinReporter’s “Service Packs and hotfixes“ report.

Check out how

When did you change your administrator password for the last time? How much time does it take to modify password settings on hundreds or thousands of systems?

You remind (or force) your users to regularly change their passwords, but one of the most tedious and commonly overlooked administrative tasks is changing the local administrator account on workstations and servers.

Fortunately enough, you can do this easily with RemoteExec:

Just define the “Local Account Maintenance” action in the Action Tab, and remotely replace the local administrator password on as many computers as you want, in one pass. You can also disable all other local accounts.

Check out how

Testing for security vulnerabilities is nearly always considered from a hacker’s perspective, but we must not forget about those rogue insiders that can do as much, if not more, damage.

Performing internal security tests therefore needs to be done, but can be very tedious work without appropriate tools.

The best way to go about doing this is using the right tools, and WinReporter is clearly one of them.

Using WinReporter, you will be for example able to:
- find computers with unapproved local accounts or with missing required local accounts
- find computers with unapproved local administrators or missing required local administrators
- list added, removed, enabled or disabled user accounts on your Windows network between two dates
- list computers with unapproved shares or missing required shares
- display NTFS permissions only for shared folders, for all folders or for a specified folder with/without its subfolders
- display user accounts according to: latest logon time, passwords age, empty passwords, expired passwords, permanent passwords and account status (enabled/disabled).

Check out WinReporter features

Simultaneous logon (same ID, same password) limitation or prohibition has recently become a recurrent topic on forums, newsgroups and blogs dedicated to IT security.

Many ITpros struggle with Microsoft LimitLogin to try and implement this feature and rapidly ask for alternative solutions.
As Bill Boswell wrote in MCP Magazine (“Keeping users at bay“):
“LimitLogin requires a bit of effort to deploy. For one thing, it performs a Schema modification. For another, it creates a new partition in Active Directory. It also requires configuring a Web server with the .NET Framework and ASP.NET and setting it up to do delegated Kerberos authentication. Finally, it requires distributing client packages that support communicating with the Web server via SOAP (a lightweight protocol for exchanging structured information in a distributed environment).
Whoa. Don’t stop reading. It’s complicated, but not impossible. Really.”

On the other hand, IS Decisions’ UserLock provides concurrent connection restriction functionality as well as additional features to optimize and secure user network access.

How do these 2 solutions compare?

Check out LimitLogin vs UserLock Competitive Analysis

Windows Vista’s enhanced functionality and snazzy Aero Glass visual effects will demand steeper hardware requirements for the systems you support.

Microsoft has created two distinct hardware classifications for PC manufacturers to use for their new systems. A PC can be either “Vista Capable” or “Premium Ready.” The standard Vista Capable machines have more scaled down hardware requirements than the Premium Ready machines, and the biggest difference between the two systems is that Vista Capable machines cannot use the new Aero Glass graphics.

Here are 4 main factors to address as you prepare your existing computers to run Windows Vista:

1) Check the CPU
To be considered Vista Capable, your computers must have a CPU of at least 800 MHz. Those that are Premium Ready require a processor of at least 1 GHz.

2) Check the RAM
To be considered Vista Capable, your PC must have at least 512 MB of RAM. Premium Ready machines must have a minimum of 1 GB of system RAM.

3) Check your graphics adapters
If you are looking forward to the new 3-D Aero Glass graphics, you will need to make sure that your graphics adapters is DirectX 9 capable. WDDM (a Windows display driver model for writing drivers) compatibility is also recommended.
To be considered Premium Ready, the graphics adapters must have a minimum of 128 MB of video RAM. Vista Capable cards require only 64 MB of video RAM.

4) Check your free disk space
To install Windows Vista, your hard drives must be at least 40 GB in size and have a minimum of 15 GB of free space.

Using WinReporter, you will quickly obtain a comprehensive inventory for these resources, and be able to generate a full report of your network(s) in anticipation of your Windows Vista migration project.

WinReporter overview and free trial version download