Like many organizations, you have a BYOD program. Like many organizations, your employees are switching to cloud services to gain better productivity and save on cost. Some of them don't even involve the IT department or even purchasing - they may subscribe to a 30 days trial and pay for the service using their corporate credit card.
And how do you monitor these activities? How do you secure them? How do you make sure your marketing dept does not place all their yearly marketing plans with a risky service? How can you make sure you'd be able to retrieve data when needed?
Oh, I guess you have a SIEM.. And the SIEM monitors and alerts you on risky behaviors and suspicious events (assuming that you spent time building the right controls and parsing rules into your SIEM). Only that SIEM do not monitor things outside your Firewall. It does not track and monitor where you need most visibility – across cloud and mobile environments.
So you are kept in the dark.
When designing Rapid7 UserInsight we wanted to provide security teams with actionable user monitoring into on premise, cloud and mobile environments and alert on the risky behaviors that we detect. So we developed UserInsight to provide insight where your SIEMs have no visibility.
Our customers found UserInsight most valuable in those places where they had no other easy way to detect risky behavior. For example, UserInsight alerts you when the same employee authenticates to the VPN from Boston while logging into Box from Shanghai at the same time. UserInsight alerts you when a disabled account of an employee that was just dismissed logs into your corporate Salesforce account from home a few hours later. These are very important examples of suspicious behavior that without UserInsight cannot be tracked.
We are now offering a free trial of UserInsight to enable you to gain comprehensive user visibility on premise, cloud and mobile environments.