Tag: Windows Server audit

In this post, we will dive into how to configure file access auditing on a Windows file server and explore the challenges with interpreting critical access events.   Background The first step in developing an effective audit strategy is to gain a good understanding of your systems,...

Continuously auditing the activity in your network is one of the most critical security best practices, since it helps you notice potentially malicious activity early enough to take action and prevent data breaches, system downtime and compliance failures. Top methods of Windows auditing...

Auditing files and folders got much easier with Global Object Access auditing in Windows Server 2008 R2 and Windows 7. However, if your organization is still running Windows Server 2008, or earlier, for instance Windows Server 2003, setting up file and folder auditing will be a little more...

File server is the central location in any network containing all kinds of information which is saved and shared by users within the organization. There is no restriction on the type of information used and shared. Since it is one of the most common reach out place for the users in the...

Today we are going to talk about finding “lost” files with File Server auditing. But first, how many of you are aware that users have a lot in common with a five year old? Now, before I start getting hate mail, before folks start driving by my house and shooting at it (warning, I shoot back)...

When it comes to change management, Scott Matteson gets it.  Too many companies today make changes without any kind of change management in place. Scott's approach even includes the mandated use of individual accounts to perform changes so that Auditing of system changes can easily be tied back to...

When it comes to security, event logs are supposed to be the best friends of an IT guy managing the environment, right? Roger Grimes from InfoWorld claims that the evidence of malicious activity can be found in Event Logs. So, if companies today already have all necessary data that points...

Because IT security breaches have become so prevalent, the common model for addressing them is often more reactive than proactive. Have you given up and given in to the idea that breaches are inevitable? Money, time and effort is put into establishing incident response teams, but often preventative...

Our next FREE cheat sheet is devoted to auditing changes in the File Server. In this quick guide you'll find the information about required system configurations, HOW-TOs and event IDs that could be helpfull you when auditing your File Servers. Click here to download this FREE guide, no...

Ask an IT manager to tell you who made what changes to system configurations in their IT infrastructure and it will often involve a time-consuming manual process of trawling through a disparate array of native audit logs from servers and network equipment. Despite being slow and insecure this...