When it comes to protecting data theft perpetrated by insiders, “10 ways to make sure your data doesn’t walk out the door” (written by Deb Schinder and published on TechRepublic website) recommends to set up auditing file access on files and folders that contain sensitive data so that you can see who accessed it and when. FileAudit is mentioned as a third party file audit software that can indeed audit file access across multiple servers.
The article contains an up-to-date look at the critical areas concerning data theft by someone inside a company or organization.
Auditing file access with FileAudit software
From its own console or with a simple right click in Windows Explorer, FileAudit indeed instantly provides IT Security teams with an error ridden and comprehensive list of:
- read/write accesses
- appropriation attempts (accepted or denied)
- permission modification attempts (accepted or denied)
each record detailing:
- the user
- the domain
- the date and time of connection and disconnection
for:
- a file
- a selection of files
- a folder and subfolders
- a selection of folders and subfolders
FileAudit is officially compatible with Windows 7 and can also :
- be scheduled to automatically archive into a database, at regular intervals, the access events occurring on one or more Windows systems for permanent storage.
- display file/folder access history in a printable report that can be scheduled to run automatically.
- export generated results in ASCII format, allowing their use in view of an audit or for subsequent analysis and control.
Update. FileAudit 4 released in 2013 and adds more capabilities to file auditing across multiple servers. Read more on the review of FileAudit4 from PCMag on FileAudit here.