{"id":2583,"date":"2021-12-03T11:56:21","date_gmt":"2021-12-03T17:56:21","guid":{"rendered":"https:\/\/staging2.idsinc.com\/case-studies\/client-received-production-text-messages-as-pdfs-client-wanted-to-know-about-actual-texts-copy\/"},"modified":"2024-07-08T14:14:28","modified_gmt":"2024-07-08T20:14:28","slug":"sistema-de-acceso-de-la-empresa","status":"publish","type":"page","link":"https:\/\/idsinc.com\/es\/case-studies\/access-company-system\/","title":{"rendered":"Investigaci\u00f3n interna de acceso inapropiado de empleados al sistema de la empresa"},"content":{"rendered":"\n
\n
\n
\n
\n \n
\n
\n \"Investigaci\u00f3n \n <\/div>\n \n \n <\/div>\n <\/div>\n <\/div>\n <\/div>\n
\n
\n
\n \n
\n

\n \n DESAF\u00cdO <\/span>\n\n \n \n <\/span>\n <\/h2>\n<\/div>\n\n\n
\n
\n
\n
\n
\n
Nuestro cliente recibi\u00f3 un aviso interno de que un empleado estaba accediendo de manera inapropiada al informe hist\u00f3rico de n\u00f3mina almacenado en la infraestructura segura del cliente. <\/h5>\n

Nuestro cliente necesitaba realizar una investigaci\u00f3n interna, m\u00e1s all\u00e1 de las fronteras internacionales, para evaluar el potencial de tener que proporcionar una notificaci\u00f3n de violaci\u00f3n de datos a los empleados en relaci\u00f3n con el acceso inapropiado a los datos de n\u00f3mina. Espec\u00edficamente, el cliente ten\u00eda tres preguntas que necesitaban respuesta:<\/p>\n

    \n
  • Qu\u00e9 empleado(s) (si alguno) accedi\u00f3 a los archivos dentro de un determinado directorio en la red<\/li>\n
  • A qu\u00e9 archivos (si los hay) se accedi\u00f3 dentro de ese directorio determinado<\/li>\n
  • \u00bfHubo alguna evidencia de que alguno de esos archivos dentro de ese directorio determinado (al que accedieron los empleados bajo investigaci\u00f3n) sali\u00f3 de la red?<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n\n
    \n

    \n \n Soluci\u00f3n <\/span>\n\n \n \n <\/span>\n <\/h2>\n<\/div>\n\n\n
    \n
    \n
    \n
    \n
    \n
    El equipo forense de iDS se puso en contacto con el grupo de TI del cliente para implementar y adquirir de forma remota artefactos forenses que permitieron a iDS aprovechar la plataforma xIOT\u00ae para analizar la actividad de 150 personas, todo realizado de forma remota y encubierta.<\/h5>\n

    El equipo forense de iDS se comprometi\u00f3 de inmediato con los recursos de TI locales para implementar nuestros scripts patentados para adquirir artefactos forenses espec\u00edficos sobre la actividad del usuario en 150 dispositivos locales diferentes. Todo esto se hizo de forma remota y encubierta para no alertar a ning\u00fan posible malhechor.<\/p>\n

      \n
    • Los archivos de datos resultantes se cargaron en iDS todas las noches, completando la captura de datos en todas las computadoras en 72 horas<\/li>\n
    • El equipo de an\u00e1lisis y datos estructurados de iDS carg\u00f3 los datos en la plataforma xIOT\u00ae todas las noches al recibirlos<\/li>\n
    • Nuestro cliente recibi\u00f3 acceso en l\u00ednea a xIOT\u00ae y un informe por correo electr\u00f3nico todas las ma\u00f1anas con actualizaciones de progreso y resultados<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n\n
      \n

      \n \n Resultado <\/span>\n\n \n \n <\/span>\n <\/h2>\n<\/div>\n\n\n
      \n
      \n
      \n
      \n
      \n
      iDS pudo identificar a la persona que accedi\u00f3 de manera inapropiada al sistema de n\u00f3mina, los archivos de n\u00f3mina espec\u00edficos a los que accedi\u00f3 y si los archivos estaban comprometidos o no (externamente), lo que finalmente permiti\u00f3 al cliente evitar tener que notificar a miles de empleados.<\/h5>\n

      Nuestro cliente pudo aprovechar los informes y nuestros hallazgos, que pudieron completarse en una semana, para determinar que no ten\u00edan ninguna obligaci\u00f3n de informar. Esto evit\u00f3 costosos gastos de notificaci\u00f3n, as\u00ed como un impacto negativo en la moral interna. Adem\u00e1s, como resultado de la investigaci\u00f3n interna preliminar, el cliente inici\u00f3 una investigaci\u00f3n completa sobre el empleado que luego fue despedido con causa.<\/p>\n<\/div>\n<\/div>\n<\/div> <\/div>\n<\/div>\n <\/div>\n <\/div>\n <\/div>\n <\/div>\n","protected":false},"excerpt":{"rendered":"

      Our client received an insider tip that an employee was inappropriately accessing historical payroll report stored within the client\u2019s secure infrastructure. Our client needed to conduct an internal investigation, across international borders, to assess the potential of having to provide a data breach notification to employees as it related to inappropriate access to payroll data. […]<\/p>\n","protected":false},"author":1,"featured_media":2485,"parent":33,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"team":[],"class_list":["post-2583","page","type-page","status-publish","has-post-thumbnail","hentry","has-post-title","has-post-date","has-post-category","has-post-tag","has-post-comment","has-post-author",""],"yoast_head":"\nInappropriate Employee Access to Company System - Case Study<\/title>\n<meta name=\"description\" content=\"In this Case Study, iDS discusses an Internal Investigation of Inappropriate Employee Access to Company System\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/idsinc.com\/es\/estudios-de-caso\/sistema-de-acceso-de-la-empresa\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Internal Investigation of Inappropriate Employee Access to Company System\" \/>\n<meta property=\"og:description\" content=\"In this Case Study, iDS discusses an Internal Investigation of Inappropriate Employee Access to Company System\" \/>\n<meta property=\"og:url\" content=\"https:\/\/idsinc.com\/es\/estudios-de-caso\/sistema-de-acceso-de-la-empresa\/\" \/>\n<meta property=\"og:site_name\" content=\"iDiscovery Solutions\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-08T20:14:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2500\" \/>\n\t<meta property=\"og:image:height\" content=\"1250\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/\",\"url\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/\",\"name\":\"Inappropriate Employee Access to Company System - Case Study\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg\",\"datePublished\":\"2021-12-03T17:56:21+00:00\",\"dateModified\":\"2024-07-08T20:14:28+00:00\",\"description\":\"In this Case Study, iDS discusses an Internal Investigation of Inappropriate Employee Access to Company System\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/#primaryimage\",\"url\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg\",\"contentUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/12\\\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg\",\"width\":2500,\"height\":1250},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/access-company-system\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/idsinc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Case Studies\",\"item\":\"https:\\\/\\\/idsinc.com\\\/case-studies\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Internal Investigation of Inappropriate Employee Access to Company System\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#website\",\"url\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/\",\"name\":\"iDiscovery Solutions\",\"description\":\"Use data to your advantage in the courtroom\",\"publisher\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#organization\"},\"alternateName\":\"iDS\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#organization\",\"name\":\"iDiscovery Solutions\",\"alternateName\":\"iDS\",\"url\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/iDS-Logo-3c-e1611176096212.png\",\"contentUrl\":\"https:\\\/\\\/idsinc.com\\\/wp-content\\\/uploads\\\/2021\\\/01\\\/iDS-Logo-3c-e1611176096212.png\",\"width\":100,\"height\":73,\"caption\":\"iDiscovery Solutions\"},\"image\":{\"@id\":\"https:\\\/\\\/idsinc.com\\\/en_gb\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/iDiscovery-Solutions-110210573904472\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/idsinc\",\"https:\\\/\\\/www.youtube.com\\\/channel\\\/UCarv7o1MeYfCp0eZ1IrufIw\"],\"description\":\"iDS provides consultative data solutions to corporations and law firms around the world, giving them a decisive advantage \u2013 both in and out of the courtroom. iDS\u2019s subject matter experts and data strategists specialize in finding solutions to complex data problems, ensuring data can be leveraged as an asset, not a liability.\",\"email\":\"info@idsinc.com\",\"telephone\":\"+1.800.813.4832\",\"legalName\":\"iDiscovery Solutions\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Acceso inapropiado de los empleados al sistema de la empresa: estudio de caso","description":"En este estudio de caso, iDS analiza una investigaci\u00f3n interna sobre el acceso inadecuado de los empleados al sistema de la empresa.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/idsinc.com\/es\/estudios-de-caso\/sistema-de-acceso-de-la-empresa\/","og_locale":"es_ES","og_type":"article","og_title":"Internal Investigation of Inappropriate Employee Access to Company System","og_description":"In this Case Study, iDS discusses an Internal Investigation of Inappropriate Employee Access to Company System","og_url":"https:\/\/idsinc.com\/es\/estudios-de-caso\/sistema-de-acceso-de-la-empresa\/","og_site_name":"iDiscovery Solutions","article_publisher":"https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472","article_modified_time":"2024-07-08T20:14:28+00:00","og_image":[{"width":2500,"height":1250,"url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/idsinc.com\/case-studies\/access-company-system\/","url":"https:\/\/idsinc.com\/case-studies\/access-company-system\/","name":"Acceso inapropiado de los empleados al sistema de la empresa: estudio de caso","isPartOf":{"@id":"https:\/\/idsinc.com\/en_gb\/#website"},"primaryImageOfPage":{"@id":"https:\/\/idsinc.com\/case-studies\/access-company-system\/#primaryimage"},"image":{"@id":"https:\/\/idsinc.com\/case-studies\/access-company-system\/#primaryimage"},"thumbnailUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg","datePublished":"2021-12-03T17:56:21+00:00","dateModified":"2024-07-08T20:14:28+00:00","description":"En este estudio de caso, iDS analiza una investigaci\u00f3n interna sobre el acceso inadecuado de los empleados al sistema de la empresa.","breadcrumb":{"@id":"https:\/\/idsinc.com\/case-studies\/access-company-system\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/idsinc.com\/case-studies\/access-company-system\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/idsinc.com\/case-studies\/access-company-system\/#primaryimage","url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg","contentUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem.jpg","width":2500,"height":1250},{"@type":"BreadcrumbList","@id":"https:\/\/idsinc.com\/case-studies\/access-company-system\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/idsinc.com\/"},{"@type":"ListItem","position":2,"name":"Case Studies","item":"https:\/\/idsinc.com\/case-studies\/"},{"@type":"ListItem","position":3,"name":"Internal Investigation of Inappropriate Employee Access to Company System"}]},{"@type":"WebSite","@id":"https:\/\/idsinc.com\/en_gb\/#website","url":"https:\/\/idsinc.com\/en_gb\/","name":"Soluciones iDiscovery","description":"Utilice los datos a su favor en la sala del tribunal","publisher":{"@id":"https:\/\/idsinc.com\/en_gb\/#organization"},"alternateName":"iDS","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/idsinc.com\/en_gb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/idsinc.com\/en_gb\/#organization","name":"Soluciones iDiscovery","alternateName":"iDS","url":"https:\/\/idsinc.com\/en_gb\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/idsinc.com\/en_gb\/#\/schema\/logo\/image\/","url":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/01\/iDS-Logo-3c-e1611176096212.png","contentUrl":"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/01\/iDS-Logo-3c-e1611176096212.png","width":100,"height":73,"caption":"iDiscovery Solutions"},"image":{"@id":"https:\/\/idsinc.com\/en_gb\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/iDiscovery-Solutions-110210573904472","https:\/\/www.linkedin.com\/company\/idsinc","https:\/\/www.youtube.com\/channel\/UCarv7o1MeYfCp0eZ1IrufIw"],"description":"iDS ofrece soluciones de datos consultivas a corporaciones y bufetes de abogados de todo el mundo, lo que les otorga una ventaja decisiva, tanto dentro como fuera de los tribunales. Los expertos en la materia y los estrategas de datos de iDS se especializan en encontrar soluciones a problemas de datos complejos, garantizando que los datos puedan aprovecharse como un activo, no como un pasivo.","email":"info@idsinc.com","telephone":"+1.800.813.4832","legalName":"iDiscovery Solutions"}]}},"builder_content":"<img src=\"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-1024x512.jpg\" title=\"Internal Investigation of Inappropriate Employee Access to Company System\" alt=\"Internal Investigation of Inappropriate Employee Access to Company System\" srcset=\"https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-1024x512.jpg 1024w, https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-300x150.jpg 300w, https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-768x384.jpg 768w, https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-1536x768.jpg 1536w, https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-2048x1024.jpg 2048w, https:\/\/idsinc.com\/wp-content\/uploads\/2021\/12\/iDS-CaseStudyImages-20219-accesscompanysystem-1320x660.jpg 1320w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/> <h1> Internal Investigation of Inappropriate Employee Access to Company System <\/h1>\n<h2>CHALLENGE<br\/><\/h2>\n<h5>Our client received an insider tip that an employee was inappropriately accessing historical payroll report stored within the client\u2019s secure infrastructure. <\/h5> <p>Our client needed to conduct an internal investigation, across international borders, to assess the potential of having to provide a data breach notification to employees as it related to inappropriate access to payroll data. Specifically, the client had three questions that needed to be answered:<\/p> <ul> <li>Which employee(s) (if any) accessed files within a certain directory on the network<\/li> <li>What files (if any) were accessed within that certain directory<\/li> <li>Was there any evidence that any of those files within that certain directory (accessed by the employee(s) under investigation) left the network<\/li> <\/ul>\n<h2>Solution<br\/><\/h2>\n<h5>iDS Forensics Team liaised with the client\u2019s IT group to remotely deploy and acquire forensic artifacts that allowed iDS to leverage the xIOT\u00ae platform to analyze the activity of 150 individuals, all performed remotely and covertly.<\/h5> <p>The iDS Forensics Team immediately engaged with local IT resources to deploy our proprietary scripts to acquire specific forensic artifacts about user activity on 150 different local devices. This was all done remotely and covertly so as to not alert any potential bad actors.<\/p> <ul> <li>Resulting data files were uploaded to iDS nightly, completing data capture on all computers within 72 hours<\/li> <li>iDS\u2019 Structured Data & Analytics Team loaded the data into the xIOT\u00ae platform nightly upon receipt<\/li> <li>Our client received online access to xIOT\u00ae and an emailed report every morning with progress updates and results<\/li> <\/ul>\n<h2>Result<br\/><\/h2>\n<h5>iDS was able to identify the individual that inappropriately accessed the payroll system, the specific payroll files accessed, and whether or not the files were compromised (externally), ultimately allowing the client to avoid having to provide notice to thousands of employees.<\/h5> <p>Our client was able to leverage the reports and our findings, which were able to be completed within one week, to determine that they did not have any reporting obligations. This avoided costly notification expenses, as well as a negative impact on the internal moral. Additionally, as a result of the preliminary internal investigation, the client launched a full investigation into the employee who was later terminated for cause.<\/p>","_links":{"self":[{"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/pages\/2583","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/comments?post=2583"}],"version-history":[{"count":0,"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/pages\/2583\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/pages\/33"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/media\/2485"}],"wp:attachment":[{"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/media?parent=2583"}],"wp:term":[{"taxonomy":"team","embeddable":true,"href":"https:\/\/idsinc.com\/es\/wp-json\/wp\/v2\/team?post=2583"}],"curies":[{"name":"gracias","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}