fbpx

Radar for Security & Audit

Prevent. Respond. Protect Office 365.

What is Radar for Security & Audit?

Radar for Security & Audit enables you to see exactly what’s happening in your Office 365 environment: every file modified, every login attempt, every password change, every mailbox accessed – including when, where from, and who by.

What makes Radar for Security & Audit different?

Unlike the native Office 365 Audit Log – which gives you all your activity in one, large, unwieldy view, Radar for Security & Audit enables you to segment, filter and clearly visualize activity, so that you can isolate events or threats quickly, using advanced search capabilities.

GDPR capabilities

One of the most daunting parts of GDPR is the requirement for data breach notification. End the fear with Radar for Security & Audit’s advanced filtering, alerting and timeline features, which simplify and demystify the complex mass of audit data that Office 365 produces. Radar for Security & Audit helps you quickly identify who had access to which files and what they did with them, greatly easing the process of identifying the scope and impact of data breaches.

See audit events across all major workloads in Office 365, including: Azure AD, Exchange Online, SharePoint Online, OneDrive, Groups, and our newest addition: Teams!

Key Use Cases

Verify Administrator Activities:

  • Identify each system change an Administrator has made and when.
  • Audit Administrator access to ensure there are no inactive or unnecessary Admins in your environment.
  • Track Administrators to ensure they are not using their permissions to access restricted data.

Visibility for Compliance, Security, and Data Protection Officers:

  • Gain crucial insight into actions, potential threats or breaches of policy in a platform that was previously inaccessible – allowing risk mitigation actions to be taken prior to an event.
  • Ensure that your Office 365 tenant is compliant with GDPR, and personal data is adequately protected.

Better reporting on DLP events:

  • Review triggered DLP policies across OneDrive, Exchange Online and SharePoint Online and refine your settings to ensure that important data doesn’t leave your organization.
  • Identify misconfigured DLP rules, or users that have repeatedly attempted to breach policies.

Audit mailbox access

  • Keep track of actions on VIP or sensitive mailboxes
  • Audit third-party mailbox access:
    • Administrators accessing user mailboxes
    • Delegates accessing other mailboxes
    • Users performing actions on their own mailboxes

Helpdesk support/ troubleshooting

  • Drill down to user-level and get an immediate context for that person.
    • For example, you can see they’ve logged in from New York this morning, recently uploaded a file, and accessed their mailbox.
  • Despite security being a primary function, this functionality could also be applied to helpdesk support for identifying and eliminating technical issues on particular workloads.

Key Features

  • On-event alerting: Investigate suspicious activity and potential threats quickly.
  • Save a filtered view so you can apply it instantly. No need to configure every filter each time.
  • Schedule and share reports: Information can be shared with the relevant people quickly and securely.
  • External threat detection: Detailed reports on anomalous behaviour that could indicate brute force attacks, hacking attempts, or strange log-in activity.
  • Longer data retention: Unlike the Office 365 audit log, audit data is retained by Radar for Security & Audit for a year, as long as you continue to subscribe to the service. If required, data can be stored for longer (at an additional cost).

Explore Radar for Security & Audit for yourselfSee what Radar for Security & Audit can show you in your environment – Free 14-day trial (no credit card, no commitment).

Interested in reporting on more than just security? Our Office 365 reporting and analytics application is built for enterprise needs, offering crucial business insights to help manage your IT environment.

FAQs - Radar for Security & Audit

A. The Audit Timeline gathers all common security and administrative events for the workloads supported including: Azure Active Directory, Exchange, SharePoint Online, OneDrive, and Teams. Events include every file modified, every login attempt, every password change, every mailbox accessed – including when, where from, and who by.

A. We store audit data for up to a year, but can extend this further if required.

A. We take security very seriously and have built Radar for Security & Audit to OWASP security guidelines:

Radar for Security & Audit runs within a Secure Private Network on the Amazon Web Services cloud, physically located in the North East of the USA. The Amazon Data centers are protected by certified security practices.

Customer data is logically separated in our back-end databases and is only accessible by senior Administrators. User account passwords are securely encrypted and stored within our database.

User accounts can be additionally secured using Two Factor Authentication which is available to all users free of charge.

All the components of our infrastructure communicate with each other over an encrypted SSL channel.

A. Radar for Security & Audit uses a read-only service account to collect your data. The account has no permissions to make changes to your environment. We collect meta data only, so we do not process (and cannot ‘read’) email contents.

A. Radar for Security & Audit is licensed per Office 365 user, per year. Find out more about pricing and the sign up process here.

whois: Andy White Freelance WordPress Developer London