Blog Data Security

8 Things to Look for in File Auditing Software

Here is a list of 8 critical factors IT pros should consider when evaluating file auditing software.
Rob Sobers
1 min read
Last updated August 17, 2022

Contents

    Any seasoned IT pro will tell you: auditing file and email activity is hard.  You’ve got a production Exchange or SharePoint server being pounded on relentlessly by users all day long and now you want to turn on auditing to capture crucial metadata, but you’re worried about taxing the box and running out of disk space storing all the audit data.  Dilemma.

    In addition to performance and scalability challenges, auditing is hard for other reasons, too.  How do you ensure you’re capturing every event continuously without any gaps?  What about the output?  Where does it go?  Can I search it?  Build reports?  Get alerts?

    It might sound scary, but if you can overcome these obstacles, metadata about your most important information assets, like emails and files, can be leveraged for a myriad of use cases (finding “lost” data, detecting data breaches, identifying stale data, and many more).

    Here are 8 things to consider when looking at file auditing products:

    1. Does it require that you turn on native auditing (which can often be taxing on the box) and read raw log files?
    2. How much audit data can it store, where, and for how long (some products don’t normalize well and you have to purge audit data often)?
    3. Is the audit data accessible to other complimentary products?  On the flip side, can it take other data sources in?
    4. Is the audit data easily searchable, sort-able, and reportable (raw text in an event viewer just doesn’t cut it)?
    5. Is the audit data unified (i.e., can I look at what a user is doing across Exchange, SharePoint, file servers, etc. in a single view)?
    6. Is the audit data correlated with other metadata (i.e., who’s using data + data sensitivity indicators = win)?
    7. Is the audit data actionable (i.e., if you see a user touching data they shouldn’t, can you safely lock it down or create a real-time alert in case it happens again)?
    8. Is the auditing real-time and comprehensive? (some native auditing systems don’t capture all event types)

    I hope these questions help you formulate a plan for deciding which file and email auditing software works for your environment and use cases.  As always, test your auditing software!

    Have additional questions?  Feel free to reach out to us on Twitter: @varonis.

    File Auditing Software

    What should I do now?

    Below are three ways you can continue your journey to reduce data risk at your company:

    1

    Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

    2

    See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

    3

    Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

    Rob Sobers
    Rob Sobers Rob Sobers is a software engineer specializing in web security and is the co-author of the book Learn Ruby the Hard Way.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    4-secrets-for-archiving-stale-data-efficiently
    4 Secrets for Archiving Stale Data Efficiently
    4-secrets-for-archiving-stale-data-efficiently
    Rob Sobers
    November 15, 2012
    In order for organizations to find an effective solution to help deal with stale data and comply with defensible disposition requirements, there are 4 secrets to efficiently identify and clean-up stale data...
    varonis-brings-data-security-to-nasuni-cloud-nas
    Varonis Brings Data Security to Nasuni Cloud NAS
    varonis-brings-data-security-to-nasuni-cloud-nas
    Rob Sobers
    March 29, 2020
    We’re excited to announce that, in an upcoming release, the Varonis Data Security Platform will bring data-centric audit and protection to Nasuni Enterprise File Services. Nasuni is a key Varonis...
    varonis-adds-sspm-functionality-to-datadvantage-cloud
    Varonis adds SSPM functionality to DatAdvantage Cloud
    varonis-adds-sspm-functionality-to-datadvantage-cloud
    Avia Navickas
    February 23, 2022
    SaaS misconfigurations can unintentionally expose valuable corporate data. The new Insights Dashboard from Varonis helps you find and fix these security gaps.
    varonis-named-a-‘strong-performer’-in-2019-forrester-wave-for-data-security-portfolio-vendors
    Varonis Named a ‘Strong Performer’ in 2019 Forrester Wave for Data Security Portfolio Vendors
    varonis-named-a-‘strong-performer’-in-2019-forrester-wave-for-data-security-portfolio-vendors
    Michael Buckbee
    March 29, 2020
    Varonis has been singled out by Forrester as one of “the 13 providers who matter most” of data security vendors in their Forrester Wave™: Data Security Portfolio Vendors, Q2 2019....