ESET Protect - Reporting insecure endpoints

[Andrew K 0]

Hi all,

We are using ESET for asset management in remote outposts of our company. Today I was presented with a laptop which the user told me I could go ahead and power on because 'there is no password'.

With all the encryption tools etc that are available to us in ESET has anyone got any suggestions how I can get ESET to report active (or historic) users logged in without a password on their account? I've done a few searches but it only seems to come up with the ability to lock settings.

Thank you, Andrew

[Marcos 5,332]

It is out of scope of ESET products to report accounts that logged in after a long time. According to Copilot:

There are several ways to report or monitor accounts that log in after a long period of inactivity. Here are a few solutions you might consider:

1. Automated Alerts: Many systems and platforms allow you to set up automated alerts. These alerts can notify administrators when an account logs in after a specified period of inactivity.

2. Audit Logs: Implementing detailed audit logs can help track user activity, including login times. Regularly reviewing these logs can help identify unusual login patterns.

3. Security Information and Event Management (SIEM): SIEM solutions can provide real-time analysis of security alerts generated by applications and network hardware. They can be configured to flag logins from dormant accounts.

4. Custom Scripts: If your system allows, you can write custom scripts to check for logins from inactive accounts and generate reports or alerts based on this activity.

5. User Behavior Analytics (UBA): UBA tools can help detect anomalies in user behavior, such as sudden logins after a long period of inactivity, and can trigger alerts for further investigation.

6. Multi-Factor Authentication (MFA): Enforcing MFA can add an extra layer of security for accounts that have been inactive for a long time, ensuring that the person logging in is indeed the legitimate user.