ACL privilege monitoring

What is ACL Manager?

ACL (access control lists) – is a functionality that is used in companies and institutions, especially larger ones and those with a distributed structure. It allows monitoring the rights to disk resources (folders) granted to employees and colleagues. The implementation of ACL Manager allows you to effectively manage the rights of a specific user, which directly affects IT security.

ACL Manager in the eAuditor system

The ACL Manager functionality in the eAuditor system allows you to inventory and monitor permissions to local and shared resources. This is possible thanks to the integration (API) of the eAuditor system with Microsoft Active Directory. The functionality allows the administrator to monitor the permissions of all users in one system. It allows to supervise employees performing their tasks stationary in the office, as well as those working remotely. Thanks to the use of tree structures, access to the presented data is simpler and much faster. Maximum ACL permissions are divided into three groups of so-called ACL dimensions:

a) folder – contains ACL lists of all local and network folders,

b) user – contains a list of all users – domain and local,

c) user groups – contains a list of user groups – domain and local.

The ACL Manager functionality allows monitoring of 13 types of permissions:

• Read Data – determines the right to read the file,
• Write Data – specifies the right to open and save a file or folder. It does not include the right to open and save file system attributes, extended file system attributes, and access and audit policies,
• Append Data – determines the right to add data,
• Delete – specifies the right to delete a folder,
• Delete Subdirectories and Files – specifies the right to delete a folder and any files contained in that folder,
• Execute File – determines the right to run the application file,
• Read Attributes – specifies the permission to open and copy file system attributes from a folder or file. For example, this value specifies the right to view the creation or modification date of a file. It does not include the right to read data, extended file system attributes or access and audit policies,
• Read Extended Attributes – specifies the right to open and copy extended file system attributes from a folder or file. For example, this value specifies the right to view author and content information. It does not include the right to read data, file system attributes or access and audit rules,
• Read Premissions – each time specifies the right to open and copy access and audit rules from a folder or file. It does not include the right to read data, file system attributes and extended file system attributes,
• Write Attributes – specifies the right to open and write file system attributes in a folder or file. It does not include the ability to write data, extended attributes, and access and audit rules,
• Write Extended Attributes – specifies the right to open and write extended file system attributes in a folder or file. It does not include the ability to write data, attributes or access and audit rules,
• Change Permissions – specifies the right to change security and audit policies related to the folder,
• Take Ownership – specifies the right to change the owner of the folder. Note that owners of resources have full access to them.

Is it worth it to take advantage of the ACL Manager functionality?

ACL Manager provides, among other things:

• inventory of current access control list of users, user groups, folders and folder groups, types of permissions used – thanks to the API built into the eAuditor system, the reading takes place automatically and according to a set schedule,
• monitoring of permissions divided into local and network (shared) – the system allows you to read users, groups and folders and builds relationships between all objects, indicating its properties,
• increase protection against leakage of confidential information – by monitoring employees’ rights to resources, the risk of potential data leaks is reduced,
• possibility of free filtering of permissions due to folders, groups or users – in eAuditor, you can not only monitor access to folders, but also filter data according to your preferences,
• simple presentation and visualization of ACL data – this is made possible by the implementation of tree structures, which makes it much easier for the administrator to view and interpret the data,
• integration with Microsoft Active Directory – which allows the presentation of permissions to local and shared resources via a special API.

You may be interested in