The term file integrity monitoring may sound very high-tech and complicated, but it's a very simple notion: letting you know when files change. Changes to files can range from obvious (deleting a file or adding a new one) to minor (adding data to an existing file) to subtle (changing ownership, permissions, or other metadata without affecting the file's contents). As someone who's concerned about the security of Macs on your network, you should be concerned with things like these:
Modifications to the components of Mac OS X itself (particularly anything in the /System folder) — by an installer, user action, or malware — without your permission or knowledge
Installation of server applications or other programs that aren't permitted or appropriate for your situation
Modification of system-wide preferences, firewall rules, and other vital security settings
Deletion of important data (which could mean that a person or a program is trying to cover up misbehavior)
Addition of user accounts without your express approval
With file integrity monitoring software, you take a snapshot of your disk as it appears in a known good state (such as right after a clean installation of Mac OS X) and then take additional snapshots on a regular basis, comparing them to the original (or to the previous one, as the case may be). Doing so gives you a clear, complete list of all the files that were different on your Mac between one time and the next. If you see ...