Identity Protection - Risky users
anDREa monitors and evaluates for "Users at Risk" warnings.
User at risk detected
We detected a new user with at least high risk in your andreanl directory. This might be because we noticed suspicious account activity or we found their emails and passwords posted in a public location.
The course of action can differ, but can result in:
- Disable/block user(s)
- Revoke all active sessions of the user(s)
- Force to reset password of the user(s)
- Inform the involved user(s)
- Inform the relevant Support Team(s)
- Inform the involved Workspace Accountable(s)
- Inform the relevant (CI)SO(s)
How we know who might be at risk
Some people in at anDREa get an email, will examine the report and appropiate action is discussed.
Email
Example of such a report
Related Articles
20210224 Pentest 2021-Q1 Report & 20210301 White Box Security Audit 2021-Q1 Report
In accordance with our Pentest Program, anDREa engaged nSEC/Resilience for the anDREa White Box Security and the Pentesting 2021-Q1. The core questions being: Can non-authorized people or services access Workspaces or affect anDREa’s core services? ...
20220713 Report Azure White Box Security Audit
Version: 2022-07-14 Introduction anDREa has a Pentest Program program as part of the commitment to protect the security of its business information. At least once a year we request an external party to do the pentest and a white box security audit. ...
Data Protection Impact Assessment (DPIA)
First version: 2021-05-13 Last updated: 2024-03-07 Last change: Added link to NEN-7510 article. Introduction anDREa is committed to the GDPR. The purpose of this document is to describe anDREa’s Data Protection Impact Assessment (DPIA). The template ...
20220607 Security Management Report
As part of anDREa's commitment to maintaining an Information Security Management System (ISMS) based on ISO 27001 please feel free to download and read the attached anDRE's 20220607 Security Management Report.
Data Protection policy
First version: 2021-05-13 Last updated: 2023-10-25 Last change(s): Added links to GDPR compliance assessment, Data Handling policy, GDPR Article 5; Modified contact information; Substituted Azure DRE for myDRE; Formatting. Approval: 2023-10-26 ...