Audit File, Folder, Share and Permission Changes on Windows File Servers

Start Using Netwrix Auditor for Windows File Servers:

Download your free 20-day trial

File servers are some of the most critical elements the IT infrastructure. The importance of a given file server is determined by the importance of files stored on it, and most organizations have at least one file server with business-critical or confidential data. Any improper permission change on an important file server increases the risk of sensitive data being compromised or lost. Such a security breach can disrupt business operations and hurt productivity and profitability, as well lead to legal liabilities and fines for compliance failures.

It is a common practice to protect valuable file servers against unauthorized access and failover; however, having a good security plan for maintaining data integrity, confidentiality and availability is just the beginning. Organizations also need to continuously audit file server operations such as file reads and writes, folder removal and creation, file and folder rename operations, and permission changes, so they can quickly detect improper activity and investigate problems in detail. This enables them to minimize the adverse effects of undesired changes, prevent data breaches and demonstrate compliance to auditors.

Netwrix Auditor reports on all file, folder and share changes, including file and folder removal events and permission changes, across all your Windows file servers, with details of who changed what, and when and where each change was made. Before and after values are captured to paint a complete picture of what happened.

For example, you can see not only that a user's permission for a sensitive folder was changed, but that the change was from "read" to "full control" — a clear security concern. By ensuring control over permission changes and insight into the full spectrum of details, Netwrix Auditor enables security administrators to ensure data integrity and maintain compliance.