FileSure for Windows

Free Trial
FileSure for Windows

Methodology

FileSure is a rules-based system that permits you to create very general/broad rules as well as very narrow/specific rules and employs the ability to utilize includes and excludes when there is a broad need with very specific exceptions. The rules and exceptions can include criteria such as file operation (read, write, create, delete, rename, and security settings too), file location (network drive, local drive, USB, CD/DVD, and driveless(VSS)), file type, folder/file name, user name, group name, program name, machine name, time of day, day of week, and file signature.

Additionally, FileSure for servers includes a comprehensive user interface for defining your auditing and protection policies which are automatically pushed out to your protected servers and workstations from a single master location. Alternatively, you have the ability to create local policies that take precedence over the master policy should that be needed for specific exceptions. The audit data is optionally maintained locally on each protected machine or combined to a single central location and is always encrypted and compressed. It can be written to the security event long or forwarded via syslog as well.


Feature List:

Audit File Access & User Activity

  • No need to configure (or rely on) native-Windows tools. FileSure operates separately, "seeing" all file access activity, but only recording what is important to you.
  • Includes reads, writes, creates, deletes, renames, security setting changes and denies on Windows file servers, NAS, and Windows workstations.
  • Choose from criteria such as user name, domain group membership, time of day, program accessing the file, usage behavior, thresholds, and much, much more.
  • Track file/folder access by name/location or by type of file. You have the flexibility to track everything or very specific things.
  • Watch the watchers - Track privileged user access activity and block privileged users as desired.
  • Track what files and folders were deleted or renamed so when users call asking where their files/data went you can easily respond.
  • FileSure uses so little CPU that it usually shows up as 0%; users won't even know it is there. Advanced processing prioritization; optimized for real-time processing; non-real time item processing is delayed until system capacity will allow it.
  • Avoids "audit storms" by collapsing duplicate events and filtering out noise.
  • Track user session state changes, remote controls, and logon/logoff activity.


Protect data

  • Control access to files and folders without ever touching an ACL (Access Control List).
  • Control/manage by all the criteria mentioned above, and not just by user, but also by process. Allowing only people in the Finance group to access Financial data is now easy to accomplish!
  • Stop file copies/moves to USB drives, external drives, webmail attach, CD/DVDs, secure FTP, "save as" and more-on both servers and workstations.
  • Detect and investigate bulk moves, especially to removable drives or CD/DVD drives.
  • Block bulk read or writes; anything more than a threshold you set can be stopped; of course an alert can concurrently be issued.
  • Detect and investigate web-mail attach or USB device usage period.
  • Control the use of administrative shares so administrators can do what they need to do, yet not see things they shouldn't.
  • Stop accidental block deletes - Set a threshold for allowable activity, not just deletes, and then once the threshold is crossed, stop allowing additional access actions to occur and optionally send an alert email that this is transpiring.
  • Block cut/paste of sensitive information - automatic clipboard clearing when user changes from one application to another. This will keep them from cutting content from WORD or PDF and inserting it into a webmail email which of course is a separate application (IE, Firefox, Chrome, etc.).


Improve Security

"Defense in Depth"
  • Protect from malware zero-day attacks that are able to exploit signature based systems via an approved application list (white-list); If not on the list, it can't be read from the drive in the first place so there is no way it can run.
  • Block web-site changes; lock down your web site content and source code from being changed so hackers cannot deface your site or land malicious payloads; Another good side effect is that your developers cannot role out new functionality during the production day. This reduces risk of issues being introduced... yes, you can allow the developers to make updates in a specified time window.
  • Ensure file integrity - Monitor all file changes and protect your known executables and configurations from being changed or maliciously replaced.
  • Block executables from running from USB attached devices (aka "switchblade attack"). This is accomplished by blocking "read" of any executable files from USB drives!


Comply with regulations and security policies

  • Meet requirements for HIPAA, NERC-CIP, PCI DSS, FISMA, FERPA, 21-CFR-11, SOX, and more.
  • Many regulations require that you ensure file integrity. Obviously that is easy to accomplish with FileSure.
  • Know what privileged users are accessing and doing with your data.
  • Know when configurations change.
  • Know when new or changed applications are installed.
  • Protect from malware, wrong-doers, and inadvertent violations.
  • Know what users are accessing and what they are doing with the data - such as hospital patient records, financial data, HR data, customer data, proprietary designs & intellectual property, and even military data.
  • Satisfy random auditor requests - Extensive report templates provided out of the box with the ability to create customer reports and even export that data to excel, access, and others for self-search and data filtering/manipulation.
  • Meet file integrity monitoring requirements.
  • FileSure integrity - Comprehensive self-logging of any FileSure rule changes in the Event Log, Syslog and Data store
  • FileSure integrity - FileSure can be invisible on the protected machine and can also be locked so it cannot be shut down.
  • FileSure integrity - Availability assurance via regular logged heartbeat.
  • FileSure Integrity - Tightly control access to FileSure by only allowing specific administrators to read "Filesure.exe."
  • Comprehensive console security for limited access to program configuration and settings.
  • Meet log archival requirements via existing backups since FileSure logs are file-based; Ability to search through archived log data simply by placing the log files back in the FileSure directory.


Comprehensive views, reporting, alerting, data export, and user-specific interfaces

  • Leverage over 50 report templates as-is and/or build customized reports and queries in minutes.
  • Schedule reports and have them emailed and/or saved in a folder in the format you desire (PDF,XLS,CSV, XML, HTML).
  • Leverage multiple filtering criteria to view and isolate precisely what you need.
  • Alerting by email when certain events or accesses occur or when thresholds are crossed.
  • Export audited data to Microsoft Access and leverage our web console to allow non-privileged users, such as auditors and management, to run their own queries to get what they need.
  • IT privileged user thick client - Powerful interface for comprehensive policy/rules management, configuration, viewing, reporting, alerting, etc.
  • Non-privileged user lightweight interface - Web client for non-privileged users to view and query published data without allowing them access to FileSure.
  • Search for trends - see usage trends by user-and then filter by time, file type, the program accessing the files, and much, much more. The result? You find abnormalities you wouldn't have otherwise seen.


Secure DataStore

"No DB required"
  • NO database to buy or maintain - Just install and go - no need for database purchase or management, and no involvement of a database administrator.
  • Ensure data integrity - We use SQL-Lite which is a file-based data store so it is safe, simple to back up, and allows audit information to be pulled much faster than database retrieval.
  • All data at rest is both encrypted and compressed.


Ensure consistency across organization

  • Intelligent and distributed rules management. You can define parent and children nodes and have the children obtain their rules from a specific parent. This makes it easy to have one rule set for one department/division of the company and another rule set for another. You also can create local "child" rules in addition to the rules being managed at the parent.


Windows event log support

  • FileSure will watch and collect specific events, based on the event IDs, from the Windows event log and write them to the FileSure DataStore. You can also leverage the FileSure viewing, trend analysis, reporting, and alerting on these events just as you would for any FileSure logged activity.
  • Optionally write to the Windows security event log and/or syslog in addition to the FileSure log. FileSure will always write to it own DataStore. Supporting the writing to these other logs allows for companies that are leveraging a SIEM (Security Incident and Event Management) solutions to extend those and automatically collect what FileSure logs.


System Requirements:

Category Minimum Requirement
Memory 512 MB
Hard Disk 1 GB
Operating System One of the following operating systems and service packs (32 and 64 bit):
  • Windows 2003
  • Windows 2003 R2
  • Windows 2008
  • Windows 2008 R2
  • Windows 2012
  • Windows 2012 R2
  • Windows XP
  • Windows Vista
  • Windows 7
  • Windows 8
  • Windows 10
Supporting Software Microsoft .NET Framework 2.0 or later