FileAudit, which enables IT professionals to proactively monitor access to company-sensitive files and folders on Windows systems in real time, has received a major update.
The latest version, FileAudit 5, includes three significant new features to better protect files from unauthorized access and alteration of sensitive information.
Alerts to bulk file copying and alteration
FileAudit 5 can now detect and send administrator alerts for bulk file copying and mass deletion or movement. Such mass access events can indicate a potential breach.
This new type of mass access alert can monitor the frequency of an access type to files or folders, performed by the same user. Alerts can then be triggered when a user performs a number of accesses deemed beyond the tolerated threshold for a defined period of time.
When a significant number of read accesses are performed during a short period of time, the probability is that the user has executed a bulk file copy. Similarly, when a significant number of deletions are performed during a short period of time, the probability is the user has either deleted or moved a large number of files.
The alerts indicate the user name, source, the date and time of the violation as well as the alert parameters, making it easy to further investigate with FileAudit, Full access reporting with FileAudit.
Tracking file access by IP address
FileAudit can now retrieve and display the IP address of the machine from which you access a file or folder. This indicates from exactly where a user has performed their access or access attempts.
Every file access performed across the network can be traced back to their original IP source, valuable information to help identify suspicious, or potentially suspicious activity – such as if the user has accessed files from a different workstation than normal.
It’s also possible to define an IP address as selected criteria to trigger an alert, or as search criteria for a scheduled report.
Alerts on irregular access time
FileAudit 5 also helps to minimize the risk of files accessed during non-business hours.
When configuring alerts, a new tab allows you to define the days and hours during which access is considered ‘normal/regular’ – or we could say the established business hours.
All access out of the hours configured will then be considered as ‘irregular’ and will trigger the alert if the other criteria are also satisfied.
So for example, access times can be defined as 7am to 8pm Monday to Friday. Any access before 7am or after 8pm that meets this alerts criteria will trigger a warning. Likewise the alert will be made if the access is made during the weekend.
Defend and quickly react to file access events
FileAudit 5 is designed to protect sensitive enterprise data from potential theft, alteration or deletion. The new features not only give IT professionals optimal visibility into what is happening to the organisation’s sensitive data, but the opportunity to react quickly in identifying potential abuse therefore reducing risk of security breaches significantly.
Organisations can also prove to regulators that sensitive information is being monitored and protected effectively through comprehensive monitoring on all access activity to data found on files, folders and file shares. This helps regulated organisations meet compliance requirements and avoid compliance-related penalties.
A Free Fully Functional 20 Day FileAudit 5 Trial
Easy to use, it’s just as easy to configure. Install FileAudit in less than 3 minutes, just select the files you intend to audit and your up and running.