Monitor & Audit File Deletion & Falsification across Windows Servers.

A leading manufacturer in the European Automotive Industry needed to protect important or sensitive files from deletion or falsification. Through FileAudit’s access monitoring and auditing capabilities, the manufacturer has been able to report and track usage of all sensitive files on its Windows network.

file auditing dashboard

The risk of files being deleted or tampered with

As an international group dedicated to the design, development, and manufacture of automotive components, the group specializes in developing products to achieve increasingly safer and lighter vehicles, thereby reducing energy consumption and environmental impact. Positioned at the forefront of innovation in the automotive sector, each division holds many sensitive and important files that are at risk of malicious or careless actions from network users.

Given the sensitive and important nature of these documents, the group could not risk the files being deleted or tampered with in a way that could impact the company’s work with its clients.

File access had become a security issue with incidents of files being falsified and deleted. It had proved impossible to determine who accessed what file, the actions they took and address any incident with an individual.

As a result, the IT team needed to be able to track who was making changes to the documents, monitor file access and audit events across the organization. The team needed precise answers to who did what, when and from where.

The IT Engineer for the group, said:

“Previously there was no monitoring or reporting of any file access or access attempts. We had no way of knowing who had been falsifying documents or even who had deleted documents.”

“With over 200 users we needed a solution that could continuously track and audit all access events such as a file deletion or file modification.”

In general, Native Windows Server auditing is considered insufficient to support such business requirements. Manually monitoring and auditing file access and access attempts across Windows File Servers is both time-consuming and overwhelming.

How to find out who deleted files from network share

Both the technical capabilities and its affordability led the IT Team to choose FileAudit. Criteria for evaluating the software included ensuring the installation was without intrusion. With a simple agentless deployment, FileAudit can be quickly installed without intrusion or the typical cost and effort usually required.

This new agentless technology is based on a Windows Service installed on the FileAudit host. There is no mandatory requirement to install FileAudit on the system that is to be audited. Any machine meeting the requirements can be used as a remote host for FileAudit. The server that is then remotely audited requires no further installation.

Other important criteria that had to be met were the ability to offer accurate and comprehensive information on all access events across the system. FileAudit provides this instantly through its schedulable, automated and multi-criteria reporting. It provided the IT team with the required complete visibility of all activity across their Windows File System.


Better control and management for auditing is also offered by filtering access events by type, user account or time range. Without FileAudit finding answers about file access activity can be time-consuming and challenging. FileAudit finds the answers you need from audited access events with far less effort.

“The simple interface makes FileAudit really easy to use and the deployment was very quick taking less than one hour. The non-intrusive software offered us accurate and comprehensive results quickly. The technical capabilities alongside its price led us to choose FileAudit”

In less than one hour, the team was able to deploy FileAudit for its 200 users.

Through FileAudit’s access monitoring and auditing capabilities, the group has been able to report and track usage of all sensitive files on its Windows network. Previously if an important file was deleted or changed, they were not able to know what happened. By monitoring all access events with FileAudit the group can now see who has made changes and who is responsible for deleting files.

Download a Free 30Day Trial   

FileAudit offers a simple more user-friendly way to safeguard and secure file access within an organization. It makes it easy to see what’s happening with sensitive files and quickly identifies access events that need to be reviewed or remediated.

Share this post :


Chris Bunn is the Directeur Général Adjoint of IS Decisions, a global cybersecurity software company, specializing in access management and multi-factor authentication for Microsoft Active Directory environments and the cloud.