Auditing File and Folder Access

Access permissions will only help protect data; they won't tell you who deleted important data or who was trying to access files and folders inappropriately. To track who accessed files and folders and what they did, you must configure auditing for file and folder access. Every comprehensive security strategy should include auditing.

To track file and folder access, you must

  • Enable auditing

  • Specify which files and folders to audit

  • Monitor the security logs

Enabling Auditing for Files and Folders

You configure auditing policies by using Group Policy or local security policy. Group Policy is used when you want to set auditing policies for an entire site, domain, or organizational unit and is used as discussed in Part 7 ...

Get Microsoft® Windows Server™ 2003 Inside Out now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.