X
Icon

The 21st Minute


Blog

Computer Security

CaseWare IDEA Applications

Jan 01

Here are some examples of analyses that can be performed using IDEA. Data from different systems can be brought together for complete analysis. Ultimately, you are only limited by your imagination.

An area where IDEA has been used with particular success is in conducting security audits. Normally on a security audit the various controls over access are evaluated, the types of journals and logs that are kept are considered, and the way the system is administered and monitored is assessed. To complement these theoretical evaluations, a much more substantive approach to checking security can be conducted using IDEA. In overview, system level commands are used to create files containing data such as systems logs, access permissions, and folder structures. These files are then imported into IDEA. Various tests can then be carried out to determine if security is adequate.

Access Rights

  • Identify accounts with:
    • Passwords not set or not required for access
    • Passwords that are less than the recommended number of characters
    • Access to key directories
    • Supervisor status
    • Equivalence to users with high level access
  • Identify accounts that have not been used in the last six months
  • Identify group memberships
  • Age password changes

File List Analysis

  • Identify duplicate names
  • Identify old files
  • Analyze files by folder
  • Analyze file sizes by owner
  • Identify last access dates for old files
  • Analyze databases and files by file name extension
  • Identify all files without an owner (i.e., where user accounts have been removed from the system)
  • Test for .COM, .EXE or .BAT files in areas where there should not be programs

System Logs

  • Generate a list of accesses outside standard office hours.
  • Generate a list of accesses while users are on holiday/sick leave.
  • Identify users, particularly those with supervisory rights, who are logged in for long periods of time.
  • Perform analysis by user – identify those with higher use than might reasonably be expected.
  • Summarize by network address to identify:
    • All users with their normal PCs.
    • All PCs with their normal users.
    • Users on unusual PCs.
  • Summarize charges by user to determine resource utilization.
  • Analyze utilization by period (i.e., daily, weekly, monthly) to show historical trends

Applications , CaseWare IDEA



Posted By

By


Related Posts
Give Python a Go
Give Python a Go
Mar 29 Python is considered the official programming language for non-programmers. It gives you increased flexibility and expansive access to your data. For those usin...
Unconventional Analysis
Unconventional Analysis
Jan 24 Data is often underutilized. The opportunity to use data analytics to gain insights, add more value and unravel opportunities are endless. We’ve rounded u...
5 Avenues for Importing Data into IDEA
5 Avenues for Importing Data into IDEA
Nov 21 One of the greatest benefits to CaseWare IDEA is the sheer amount of data it can read and make universally consumable – both in file types and in data...

BROWSER NOT SUPPORTED

This website has been designed for modern browsers. Please update. Update my browser now

×