Auditing File Access

Posted by George Crump, Sep 2, 2008 10:47 AM

During a recent briefing with Cofio Software on its new AIMstor product, the discussion of file auditing or file logging came up. File auditing is the ability to see who has created, modified, or deleted a file and to take appropriate measures.

There are a few packages out there that do so as a standalone capability; FileSure from ByStorm and Quest Software's Intrust Plugin for File Access.

There also are various content management platforms out there. The challenge with these is getting everyone to use them consistently, which seldom seems to happen. These file-level utilities exist and will grow in demand because not everyone is going to implement content management platforms and even if you do, that consistent use issue keeps coming up.

With file auditing you can know who has accessed what files, who has modified those files, and who has deleted those files. This is good. For example, it would be helpful to know that one of your top administrators had accessed that annual salary spreadsheet prior to your review with him. Ever wonder how someone gets all of that payroll detail? Ever wish you could prove it? File auditing lets you know.

These tools are now becoming more sophisticated where they can take action based on this information. For example, you could have a policy that dictates that if the CFO changes a spreadsheet in the finance directory, that version of that file is copied out to a WORM-based Disk Archive for compliance reasons. Or if a file is copied by a user to a USB stick, you are sent an e-mail the moment it happens. Many copies to USB sticks are legitimate, but a quick scan of what is being copied where might be a good idea.

Of course, you can stop this copy to USB all together with data blockage (or the more draconian, disablement of USB) which should really be integrated into the whole process ... more on that tomorrow...

Track us on Twitter: http://twitter.com/storageswiss.

Subscribe to our RSS feed.

George Crump is founder of Storage Switzerland, an analyst firm focused on the virtualization and storage marketplaces. It provides strategic consulting and analysis to storage users, suppliers, and integrators. An industry veteran of more than 25 years, Crump has held engineering and sales positions at various IT industry manufacturers and integrators. Prior to Storage Switzerland, he was CTO at one of the nation's largest integrators.

« Microsoft, Jealous Of Apple And Google, Working On Apps Store Of Its Own | Main | Busy Week For E-Discovery: Part 2 »

This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.

Blog Categories
Healthcare Cloud Computing Enterprise 2.0 Digital Life Grok On Google Over The Air Outsourcing Global CIO Startup City Information Management Content Management Green Computing Full Nelson Unified Communications	Government IT Analytics Tech Stocks Interop Security Microsoft Apple Unvarnished Open Source Wolfe's Den David Berlind's Tech Radar Virtualization Storage Backup and Business Continuity Blog Homepage

Multicore Programming Blog

Join The InformationWeek Group On LinkedIn

InformationWeek

Business Innovation Powered By Technology

Auditing File Access