Any tiny detail or process on the network are very important and need to be monitored on a regular basis. For instance, the network devices’ and services’ operation has to be audited; hardware and software must be inventoried.
Even shared files and folders have to be under the system administrator’s control. Why is it so important to audit access to shares?
Sooner or later, any company meets the following problems: files disappear, important documents are modified or replaced by users without notifying anyone. Especially, it often happens in big organizations with a lot of employees. Managers and heads of departments know perfectly that such accidents can sometimes stop the whole department’s operation.
That obviously has a negative impact on the company’s reputation. Determination of guilty employee in this case can help to find careless or irresponsible users, and prevent such unpleasant situations in future. It is very difficult and, we would say, even impossible to determine the guilty employee without the shared folder access audit. There are not so many people who can admit mistakes they have done. That is why the system administrator has to solve one more problem on the network – he has to perform the constant share audit.
How this process can be performed?
For this purpose, special software for the share audit can be used. It is to be installed on the file server and works as service, so it is totally invisible for users. The program maintains the log file and answers three main questions that the system administrator has to know: who, what, and when?
1. Who uses shared resources: from what PC and under what user account.
2. What users do with the shared files: whether they just view or modify them, or perhaps they delete files or copy them on their PCs.
3. When do employees access to shared folders.
Above all, the system administrator can always disable access to particular shares when necessary in couple of mouse clicks.
An advanced network share access audit tool might have another advantage: the system administrator has an opportunity to configure the program’s notifications or alerts on connections to shared resources. He can receive an e-mail, screen or sound notifications when users connect to certain shared folders or files. Thus, the system administrator can be always aware when:
– Files, that contain important information, have been edited.
– Critical documents have disappeared.
– Information, that has to be kept in particular folder, has been moved to another one.
– Company’s documents, that contain private information, have been copied on users’ computers.
All these aspects auditing allows the system administrator to take instant actions on the information protection and preventing the data leak. In addition, he has an opportunity to start recovering the deleted data immediately from a backup copy. All that he needs is to manage the correct shared resources audit.
Thus, to prevent the unpleasant situations that are connected with using shared resources the system administrator does not need to do as much as it seems. He just has to organize the correct monitoring of shared folders and documents.
This was a guest article from Dmitriy Stepanov.
He suggests this shared files access monitoring software.