Monitoring for suspected unauthorised access to data is a critical aspect of our security posture. Here's how we approach it:

  • Log Analysis: All access logs, including those of applications, databases, and servers, are centrally collected and regularly analysed using our Security Information and Event Management (SIEM) solution. The SIEM correlates data from various sources to identify anomalies or unauthorised access patterns. 
  • Access Control Lists (ACLs): We use ACLs to define who can access what data. Regular audits of these lists help in identifying and rectifying any unnecessary access rights. 
  • User and Entity Behaviour Analytics (UEBA): We employ UEBA, which uses machine learning and advanced analytics to detect abnormalities in user behaviour, such as accessing data at odd hours or downloading large volumes of data unexpectedly.
  • Multi-Factor Authentication (MFA): By implementing MFA, we add an extra layer of security that reduces the chances of unauthorised data access, even if login credentials are compromised. 
  • Alerts and Notifications: If an anomaly is detected, our systems are set up to immediately notify relevant personnel. This rapid alert system ensures that potential breaches can be addressed in real time.
  • Regular Reviews: Our security team conducts periodic reviews of all systems, evaluating the effectiveness of current measures and adapting to new threats. 
  • Incident Response Plan: If suspected unauthorised access is confirmed, our incident response team is activated. They follow a predefined plan to contain, mitigate, and investigate the breach.
  • Training & Awareness: All employees are regularly trained on the importance of data security, helping them recognise and report any suspicious activities they encounter.