The Top 10 Things to Look for in a File Auditing Solution

08.16.2017, File Server, by .

The top 10 things to look for in a file auditing solution

Auditing file and folder accesses on Windows File Servers enables you to see whether any users are accessing or trying to access resources without authrization. A large proportion of organisations are not making the most of file server auditing, choosing to stick to native auditing processes which can be both time-consuming and complex. At Lepide, we recommend deploying a third-party solution (obviously…), such as LepideAuditor.

With an increasingly mobile workforce and a trend towards remote working, it is becoming more of a challenge for IT teams to protect sensitive data and ensure compliance with industry regulations. Fortunately, there are still ways to ensure a secure IT environment. In this article, we will show you how you can use LepideAuditor to audit Windows File Server and NetApp Filer to enhance your security and meet regulatory compliance requirements.

1. Radar

An intuitive Radar Tab will help you to organize your file auditing. Whether you work on desktop, laptop or tablet, a good dashboard can make auditing quicker, smarter and more effective. With an unending stream of changes flowing into the application every day, you’re going to need a smart dashboard to make sense of them all! A good interface is not only soothing on the eyes, but also makes auditing fun, which means you’ll want to spend as much time on the solution as possible.

Fig 1 Dashboard

2. Real-Time monitoring

When you’re constantly monitoring file server activities; such as who read, wrote into, deleted, changed ownership of or changed permissions of a file (or attempted to do any of this), you can react immediately to any innappropraite or unauthorized activity.

Fig 2 Monitoring file server

3. Filtering capabilities

In the real world, you can’t keep scrolling down pages and pages of reports to reach the information you need; relevant records should be easily accessible. The only way to be able to do this effectively is by choosing a solution that enables you to apply filters on certain elements of the reports; such as user name, event time, event type and more.

Fig 3 Filtering capabilities

4. File Server intelligence tailored to your needs

There is no one-size-fits-all when it comes to choosing the right auditing solution for your IT environment. Although, there are third-party solutions available on the market that allow you to tailor the reporting to your specific needs. Customized reports help to ensure network safety and adherence to regulatory compliance.

Fig 4 customized reports

5.Real-time alerts

To stand any change of preventing a security breach, you need to be able to detect the symptoms instantly. The longer it takes to detect such changes, the bigger the damage. Any unauthorized or unwanted events; such as file deletion, permission change or even a file read, should raise red flags.

Figure 5 real-time alerts

6. Long-term, centralized storage of events

It’s possible your organization has numerous file servers to contend with. If this is the case, there should be a secure and centralized database of auditing logs for security, compliance and daily event reporting. This will ensure that you constantly have an available, searchable and secure audit trail to dig into.

Figure 6 events database

7. Automatic, scheduled reports

It’s quite frankly a waste of time to have to log into the system every time you want to see audit reports. In some cases, you’ll need to see what’s happening even if you are outside company’s premises. You may also be required by security or compliance mandates to schedule reports to be sent to multiple individuals at regular intervals. In these situations, your best bet is to find a solution like LepideAuditor that automatically generates and sends reports to the required recipients.

Figure 7 schedule report

8. Answer who, what, when and where questions

For any file access event on Windows File Servers, it’s important to have all the information available in one place. Additionally, to provide context to the change, before and the after values are required. The solution you go for should therefore be able to tell you who made the change, when and from which system at a glance.

Figure 8 who what when where report

9. Offline access to audit data

External auditors, non-IT executives and legal representatives may ask for offline access to audit reports. If this is the case, the auditing solution you have should be able to export all the pre-defined reports to different document formats for offline access; including PDF, CSV and MHT.

Figure 9 export report

10. Compliance-ready reports

To easily meet different compliance requirements (including HIPAA, FISMA, GLBA, PCI, SOX and more), you can’t be wasting time searching for relevant reports, filtering records and exposing the required columns to find the information you need. Nowadays, many auditing solutions (say…LepideAuditor) come with pre-defined compliance reports in separate, dedicated sections.

Figure 10 compliance report

Conclusion:

LepideAuditor for File Server enables you to speed up and simplify file auditing more effectively than any other solution. It’s simple to configure, will fit right into your strategic IT initiatives and help you meet your file server audit requirements. A trial version of LepideAuditor is available for free download here.

Lepide® is a Registered Trademarks of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All Trademarks Acknowledged.