Securing user access to sensitive data across a large enterprise is a top priority for our client, a leading French manufacturer of oil and industrial lubricants.
The Challenge
File access events couldn’t be traced back to individual users
For our client’s head of information systems security, his journey to FileAudit started with the simple question, “What happened with this file?”
Realizing none of their existing tools offered a quick response to that question, his team began looking for a way to pinpoint exactly which user moved or deleted data. In other words, they needed to track who did what with files across their network.
A quick Google search for Windows file auditing and monitoring solutions led him straight to FileAudit.
The Solution
Easy to use file server monitoring and auditing
The head of information systems security appreciated that he was able to get his hands on the product right away with the 20-day free trial.
I tested it, and liked the ergonomics, the layout, and how easy it was to install and use. The fact that FileAudit is also 100% on-premise was perfect for us.
Head of Information Systems Security
During testing, he verified that FileAudit gave easy, quick visibility across file access events, making it easy to track which user was doing what, and simplifying reporting.
The Result
Windows file access reports serve as key evidence to identify insider threat
The team set up daily reports that are automatically saved to a folder, allowing him to have a backup if ever he has a problem with his database.
His investment in data loss prevention (DLP) and FileAudit’s ability to tie specific users to file access events has paid off big for the company. Just a few years after adopting FileAudit, a user downloaded a lot of data because he wanted to set up his own, competing company. He then deleted en masse over 70 GB of data of the lab's analysis and client results, hoping this “big mistake” would help him poach unhappy clients.
When the head of information systems security and his team realized lots of files were missing, they looked to their FileAudit reports and saw the user had deleted the files. Thanks to FileAudit and their backup system, they were able to identify the insider threat and restore all files without losing any sensitive information.
Our client’s legal team submitted their FileAudit reports as evidence in French court. After reviewing FileAudit’s technical capabilities and how the tool generates these reports, the reports were admitted as evidence to prove that the user was indeed guilty.
There’s no doubt that our FileAudit access reports served as key evidence in our legal action. I happily recommend it to anyone I know who’s looking to track which users are doing what across their network
Head of Information Systems Security