XYGATE Access Control Quickly Identifies Root Cause of System Outage

Background
Before this credit card processor began utilizing XYPRO software solutions and services, they had a manual checkout process for privileged account ids. In it a Tech Support Manager would manually process requests and release privileged account credentials for approved requests. This process was not only inefficient, but diluted accountability for the actions of those privileged IDs. Once the password was released, there was no way to track which commands were executed under that privileged ID. Additionally, if multiple people were using the privileged ID at the same time, there was no way to distinguish who executed each command. After implementing XYPRO’s XYGATE Access Control (XAC), not only was their process streamlined but it also increased security and accountability with capabilities like easily configurable access controls and keystroke logging, all while still providing their users with the privileged access needed to do their jobs.

Problem
In early 2018, the client encountered issues during a major system upgrade which impacted their business operations as well as those of several external customers. After they were unable to restore normal operations, the systems upgrade was stopped and reverted back to its previous state. Hours were spent attempting to resolve the issues and more time was spent attempting to identify the root cause. It wasn’t until the next day that the root cause was discovered.

The XAC Keystroke Report saved countless hours of research to determine the root cause of our issue.

– Spokesperson, Payments Processor

Solution
An XAC keystroke log report determined that the problem was caused by human error. A technical team member had mistakenly executed an erroneous command, which impacted system communications. The client declared that “without the XAC keystroke log report, we may have never discovered the root cause.” Armed with the root cause, the company was able to inform impacted customers and reassure them that they had taken steps to make sure this type of outage unlikely to occur again. Additionally, the company created training to educate employees about proper privileged account id usage.

Read More