File Activity Monitoring in a File Server
written by Simon
In many businesses, a great deal of confidential information is stored in a file server or a Network Attached Storage(NAS) and shared by employees, contractors, consultants, and business associates. Although we easily share files in shared folders to work together, the management may often worry that a confidential file can be modified, deleted, or even copied by an unauthorized person because of somebody’s mistake or malicious actions.
We usually control users’ access rights first to prevent unauthorized access to a shared folder and then give read-only or read/write permission to users who have access rights to the folder. But users are sometimes given access rights and permissions in exceptional cases, and often, these are not taken back. If this happens repeatedly, things can get messed up. Ultimately, access control and permission management efforts are often given up.
Finally, we look for file activity log features. We try to monitor who creates, modifies, copies, and deletes files and when, because we believe we can detect unauthorized or suspicious activity when a user tries to do so. And users who recognize that their file activity is always monitored can also proactively protect themselves from unauthorized and suspicious actions. File activity log monitoring is more useful in small- and medium-sized businesses where there is no dedicated administrator for a file server.
Of course, there is a log management feature that is provided as a default option by Windows file servers. However, if you set up some options to generate file activity logs, you will find tons of logs, struggle to sort what you really want out of them, and finally end up in big trouble with storage capacity management for the huge logs. This is why some expensive third-party log management solutions for Windows file servers are successful in the market.
Secudrive File Server shows at a glance file activity logs on users who create, read, modify, copy, and delete a file. Customers say that Secudrive File Server’s file activity log feature is useful enough to monitor users’ file activity in a file server without opting for any expensive log management solutions.
Secudrive File Server is basically a data leakage prevention solution for Windows file servers. Secudrive File Server makes it possible to manage users’ rights for copying, printing, screen capture, and network transfers of files from shared folders, while keeping existing shared folders and users’ access rights and permissions in existing Windows file servers. If we block users’ rights to copy, print, screen capture, and network transfer in shared folders and keep all confidential files in the shared folders through their life cycles from creation to deletion, we can completely prevent data breach from the folders.
Secudrive File Server can be utilized differently according to customers’ situations: 1) if users’ rights do not need to be changed often, their rights to copy, print, screen capture, and network transfer are all blocked, and all file activity logs are monitored. This is the most secure option. 2) If users’ rights need to be changed often and there is no dedicated system administrator, we can utilize the file activity monitoring feature for audit as a minimum safeguard to prevent data leakage from a file server instead of blocking all of the users’ rights.
When a user transfers a file from a file server to outside, the Secudrive File Server can back up the file in a certain storage area for audit, encrypt the transferring file, and let it be decrypted only in a copy-protected device such as another file server that has installed Secudrive File Server or a Secudrive USB flash drive.