Abusive Admin Andy
Offender Profile:
Andy is a system administrator who has access to pretty much every important system at the company. Confidential information is his for the taking, and nobody is watching what he does.
Alleged Behavior:
- Snoops through the CEO's email
- Browses the company payroll system
- Plants backdoors
- Uploads valuable information to his secret SFTP server
The Verdict:
Varonis can detect when Andy is accessing or modifying files and emails that are sensitive and/or that he doesn't normally access. We also know when he installs malicious scripts or creates backdoor accounts in Active Directory.
Back to all