What is FileAuditor?
DCAP solution (data-centric audit and protection) for automated file system audit, search for access violations and monitoring changes in critical data.
FileAuditor answers important questions about internal business risks mitigation:
What documents contain business critical information?
How much critical data does a company have and where is it located?
Who has access to the data and can edit it?
The Solution Facilitates:
Compliance and Investigation
Compliance and investigation ensuring data inventory, i.e. inventory of personal data and operations on data within your corporate system, and comprising techniques based on eDiscovery elements. Companies have to incorporate a solid data inventory processes or refine the existing practices in order to comply with the recent regulations.
The software helps you to stay informed of which kind of information is gathered by your company, how it is stored and used.
Change Management
The solution will help you to control such procedures as requesting a change and system respond to the change regarding implemented mechanisms and policies and user behavior.
FileAuditor abides by the standards demanding that all processes be authorised, the system helps a specialist see what can and can’t be changed, whether an action is sanctioned or not.
Risk Management
Privileged access is among the most common reasons for security issues. The software enables privileged access management – you can monitor data usage on endpoints and servers by privileged accounts (for example, system administrators), control their activity and obtain information improving decision making regarding access granting and allocation of duties.
Which Task Does FileAuditor Solve
Finds files in a document flow that contain critical information, and assigns a certain type to each file: personal data, trade secret, credit card numbers, etc.
Facilitates confidential information access control – automatically monitors open resources, files available to a specific user or group, privileged accounts.
Makes shadow copies of critical files found on a PC, server or network folders, saves the history of their revisions. Confidential data archive helps in incident investigation and ensures recovery of lost information.
Audits user operations in a file system. The specialists responsible for risk mitigation always have their information about changes made to a file updated (creating, editing, moving, deleting, etc.).
FileAuditor Can Be Custumised And Tailored To The Needs Of A Company:
- Create rules for searching for critical documents (by text, by regular expressions, by file attributes)
- Set the number of recent file versions, the copies of which should be kept
- Select speed, frequency and terms of scanning
How Does FileAuditor Work?
The program runs on the EndpointController agent interception platform – scans employee PCs, servers, network folders and transfers data for analysis to a workstation of a risk manager.
Data Analysis
FileAuditor visualizes file system scan results in accordance with specified rules
The program demonstrates:
- Folder tree with an indication of user rights to each directory or file
- Presence of critical documents on a PC, server, or network storage
- Operations on critical files (creation, movement, deletion, etc.)
- File marking (confidential agreement, personal data, financial statements)
Integration Into SearchInform Risk Monitor
FileAuditor can work both as a stand-alone instrument and as part of SearchInform Risk Monitor. The integration of DCAP-solutions into Risk Monitor will significantly expand the functionality of the system.
If you have already installed SearchInform Risk Monitor, the installation of agent and server software won’t be needed to activate FileAuditor. The system update and activation of a new option will be enough.
