We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Is it possible to tell files have be viewed
Options
publicsectorworker
Posts: 147 Forumite
in Techie Stuff
Hello.
Some settings were changed on a shared network drive at work which meant everybody could see everybody elses files.
Anyone know if its possible to tell if files have be viewed if they were just opened and closed but nothing saved or changed
thanks.
Some settings were changed on a shared network drive at work which meant everybody could see everybody elses files.
Anyone know if its possible to tell if files have be viewed if they were just opened and closed but nothing saved or changed
thanks.
0
Comments
-
right click > properties
tells you last time of access & view0 -
Right click the file, properties. See if there is a last accessed property.0
-
Thanks. The files say last accessed but not by who. Is it possible to find this out too. Or run a report detailing last accsed?
Ive just opened a file and closed it without changing anything and the last accessed time doesnt change?0 -
Refresh the folder and it should change.Censorship Reigns Supreme in Troll City...0
-
Refreshed and it stays the same date.
Also cant see anywhere where it tells you who accesed the file?0 -
If file access auditing is enabled on the sever, then the list of users who accessed the file, when and from which computer will be recorded.
This information will not be recorded unless auditing was enabled before the file was accessed.
The following article tells you how to enable auditing on a file (or folder).
http://technet.microsoft.com/en-us/library/cc771070.aspx
You can then use the event viewer on the server to examine the security audit logs.
Note that auditing makes a lot of work for the server and the records can take up a lot of disk space. Old records may be automatically deleted, so you may not be able to go back in time far, if you aren't selective about what activity is recorded.0 -
That link says the logs would be limited in size.ChumpusRex wrote: »If file access auditing is enabled on the sever, then the list of users who accessed the file, when and from which computer will be recorded.
This information will not be recorded unless auditing was enabled before the file was accessed.
The following article tells you how to enable auditing on a file (or folder).
http://technet.microsoft.com/en-us/library/cc771070.aspx
You can then use the event viewer on the server to examine the security audit logs.
Note that auditing makes a lot of work for the server and the records can take up a lot of disk space. Old records may be automatically deleted, so you may not be able to go back in time far, if you aren't selective about what activity is recorded.
Would large public companies generally enable this for large network drives with hundreds of users? Or world it be more likely done after something is queried which defeats the point really.0 -
publicsectorworker wrote: »That link says the logs would be limited in size.
Would large public companies generally enable this for large network drives with hundreds of users? Or world it be more likely done after something is queried which defeats the point really.
The late great Roger Needham said that if you think you can solve your problem with cryptography, you probably don't understand your problem and you probably don't understand cryptography. The point he was making was that encryption is much harder to use to solve problems, and addresses a much narrower range of problems, than is popularly believed.
Similar arguments apply to firewalls, intrusion detection systems and file-level auditing. In the case of IDSes and file-level auditing, they generate voluminous logs, the vast majority of which is benign. Without a very well-resourced log-reading scheme, with sharp tools to detect the interesting amongst the vast amounts of noise, and clear policies that articulate what's expected and what's exceptional, it's somewhere between worthless and actively harmful (if "we'll catch them in audit" stops you from actually stopping them in the first place).
I've lost track of the number of sites I've seen with elaborate logging of trivia from various audit points, but vast gaping weaknesses in their security that are either not logged or are lost under the volume of pointless information from logs that are being generated with no clear purpose. Without out a clear security policy which sets out the assets, threats and controls, with well-designed logging that feeds into well-specified measures of effectiveness, it's mostly just theatre.
By analogy with Cargo Cult Science, one might call this cargo cult security.0 -
In this situation you need a document management system, which will martial files in and out, and any changes have to be committed by an individual (with the ability to roll back to previous versions, all datestamped, etc). They're used widely in IT for managing code versions (Subversion, CVS, http://git-scm.com/ might be a solution for you for instance), there are excellent free ones available, bit it does mean a bit of setting up and a cultural change.0
-
In this situation you need a document management system, which will martial files in and out, and any changes have to be committed by an individual (with the ability to roll back to previous versions, all datestamped, etc). They're used widely in IT for managing code versions (Subversion, CVS, http://git-scm.com/ might be a solution for you for instance), there are excellent free ones available, bit it does mean a bit of setting up and a cultural change.
That doesn't address the problem. Document management systems aren't quite the same as version control systems; just putting your documents under subversion won't satisfy your ISO9000 auditor, because document management includes formalised approval loops which the various source control systems, all of which trace their heritage back to SCCS and RCS, don't provide. In any event, neither version control nor document management provides any control over non issue-controlled copies.
I can check out a read-only (so far as the control system is concerned) copy of a document and it is not in any way managed by the system, so there is no audit of what happens to it. In fact, the problem of uncontrolled copies, which aren't u!!!!ued when the master changes and (in the worst cases) are subject to modification outside the DMS. In most cases, a DMS provides a means to obtain the latest approved version, but does not prevent either the use of outdated versions. And once a version exists outside the DMS, it provides no help at in tracking it.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards