If you read part 1 in this series, you caught a glimpse of how STEALTHbits file activity monitoring solutions help solve critical change and access issues without the use of native logs. Today we’ll delve deeper into the explanation of these solutions and reveal five more real-life cases where you could use our file activity monitoring solutions.
Case 6: File Tampering
File tampering is when a user modifies the contents of a file such as spreadsheet calculations or other data.
The STEALTHbits Activity Monitor automatically records who modified the spreadsheet (or other files), when, and from where.
Case 7: Administrator Activity Auditing
An administrator exploits his admin rights to access files with sensitive data.
The file activity monitor solves this by providing an audit trail of all administrator access, enabling the identification of privileged account misuse or abuse.
Case 8: Sensitive Data Auditing
The law, or other regulations, require organizations to record access events to files containing sensitive data.
The file activity monitor will work with a DLP or sensitive data discovery solution to provide an audit trail of access events to files with sensitive data.
- StealthAUDIT can also do this.
Case 9: Ransomware Detection
Large numbers of files accessed and modified in a short time period can be indicative of crypto-ransomware.
Case 10: Data Sabotage
File deletions (individually or in bulk) can indicate attempts to sabotage data or individuals.
The file activity monitor can provide an audit trail of all file deletions within an environment, allowing administrators to catch perpetrators and stop them from deleting data.