Amidst help tickets, software upgrades and server maintenance, your department can get pretty busy. When you’re trying to keep your employees working and CTO happy, little time remains to think of audits. Yes, I said audits.
I know, that word is typically associated with HIPAA, the IRS, or some other acronym where everyone is dressed in white jackets or suits. But the truth is your organization doesn’t have to fear audits; in fact, they can assist you in the long run. Learn how audits can help you create security policies, prevent the spread of viruses and put a stop to employee or client information abuse.
What is an Activity Audit?
An audit is “a systematic review or assessment of something.” Specifically for this context, an audit would be examining the file sharing activities of an organization’s employees. Depending on your file sharing platform, audits can be easy or a bit more detailed and cumbersome. This article will use SmartFile’s activity log as an example.
What Does a File Activity Log Contain?
While not all activity logs are created equal, there are typically a few standard data sets available to a systems administrator. A sysadmin can view the time and date of access, the user (or permission), the activity or action itself, and the file or path involved in the action. In SmartFile’s cloud file sharing tool, the following data is typically made available.
- User Access – typically defines if the user is an administrator or general user
- Connection Method – defines how the user connected to the server (FTP, P2P, etc.)
- Location and IP Addresses – helpful for seeing if an employee accessed a file outside the office
- Time and Date Stamps – exact time and date of access
- Shared Link Data – in SmartFile, an administrator has the option to see what type of data was shared by a user via a URL link
- Folder and File Actions – this field can contain anything from deletion, creation, alteration or path moves
All of this can be filtered and exported in syslog, CSV or XML format to create reports or to make viewing easy for independent agencies or managers.
How to Use a File Activity Audit
So now you’ve located your activity log, let’s see how this data can prevent your organization from future headaches.
1. Create an Organizational Security Policy
Depending on the industry in which your organization operates, there may be requirements for creating a security policy or record management protocol. For example, not-for-profit firms are required to create a document retention policy outlining who is responsible for keeping records (such as audits and tax returns) as well as deleting outdated information (contracts expired for over seven years).
Not only must this policy be created, but each action must be recorded. When you audit file activity, you help verify that the appropriate documents are indeed being deleted or stored. Plus, the activity log can make record keeping easy when reporting file deletions or moves.
If you aren’t a not-for-profit, you may still have to create a security policy for your organization’s data. If you work in the healthcare industry, regulations like HIPAA require file sharing be conducted within a platform that contains an activity log. In addition to fulfilling such legal requirements, having a security policy will help your organization know what standards or requirements software and hardware should meet.
According to ITtoday, a good policy can include:
- Specifying required security features
- Defining “reasonable expectations” of privacy regarding such issues as monitoring people’s activities
- Defining access rights and privileges and protecting assets from losses, disclosures, or damages by specifying acceptable use guidelines for users and also, providing guidelines for external communications (networks)
- Defining responsibilities of all users
- Establishing trust through an effective password policy
- Specifying recovery procedures
- Requiring violations to be recorded
- Providing users with support information
2. Prevent the Spread of Viruses
Sadly, today’s internet is riddled with viruses that threaten to infect your information and even hold it for ransom. Some research even indicates that 47% of infections by viruses like ransomware spread to at least 20 people.
Many times viruses aren’t caught at the moment of infection, but down the road when networks or operations start failing. One way to catch bot or virus activity in an account is to watch for a spike in user activity. This spike can be an abnormal number of deletions or path changes. If your employees average about 20+ actions a day but an activity log shows Julie deleting 500 files within an hour, this could be the symptom of an infection. Early detection of the infection on Julie’s work device can help prevent the spread of the virus to the rest of the network.
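The spike check described above can be automated against a CSV export of the activity log. The following is an added example, not SmartFile code: the column names, action labels and the threshold of 100 destructive actions per hour are assumptions, and the log data is constructed.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

DESTRUCTIVE = {"delete", "move", "rename"}  # assumed action labels


def find_bursts(csv_text, window=timedelta(hours=1), limit=100):
    """Return {user: (first_alert_time, count_in_window)} for users whose
    destructive actions inside any sliding window exceed `limit`."""
    recent = defaultdict(deque)  # user -> timestamps inside the current window
    alerts = {}
    rows = sorted(csv.DictReader(io.StringIO(csv_text)),
                  key=lambda r: r["timestamp"])  # ISO 8601 sorts lexically
    for row in rows:
        if row["action"].lower() not in DESTRUCTIVE:
            continue
        ts = datetime.fromisoformat(row["timestamp"])
        q = recent[row["user"]]
        q.append(ts)
        while ts - q[0] > window:  # drop events older than the window
            q.popleft()
        if len(q) > limit and row["user"] not in alerts:
            alerts[row["user"]] = (ts, len(q))
    return alerts


def build_sample():
    """Constructed log: one ordinary user plus 500 deletes by julie in 50 min."""
    start = datetime(2024, 3, 4, 9, 0, 0)
    lines = ["timestamp,user,ip,action,path"]
    for i in range(20):  # steve: a normal day, roughly 20 actions
        t = start + timedelta(minutes=20 * i)
        act = "delete" if i % 5 == 0 else "download"
        lines.append(f"{t.isoformat()},steve,10.0.0.12,{act},/projects/doc{i}.txt")
    for i in range(500):  # julie: one delete every 6 seconds
        t = start + timedelta(hours=5, seconds=6 * i)
        lines.append(f"{t.isoformat()},julie,10.0.0.31,delete,/shared/file{i}.dat")
    return "\n".join(lines)


if __name__ == "__main__":
    for user, (when, count) in find_bursts(build_sample()).items():
        print(f"ALERT {user}: {count} destructive actions within 1h at {when}")
```

The alert fires on the first event that crosses the limit, so the account can be suspended while most of the files are still intact.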
3. Prevent Data Abuse
An activity log can answer questions like: What was Steve doing with that file on a weekend? Did the intern share that folder with a client? Where were the project plans moved? Not only is an activity log helpful for employees and administrators, but it also creates an accountability system.
According to a Harvard Study, nearly 1 out of every 2 managers is thought to have failed in holding others accountable. This principle applies to performance and loyalty. A disgruntled employee can be a nightmare for an organization if they still have access to data.
Having an activity log (along with permissions controls) helps to see if employees are handling sensitive information appropriately. Plus, managers are able to hold employees accountable for task completion and client interactions.
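The questions in this section (weekend access, access from outside the office, shared folders) map onto simple rules over the log fields listed earlier. The following is an added example, not SmartFile code: the column names, the `share_link` action label, the office network range and the sensitive path prefixes are assumptions, and the log lines are constructed.

```python
import csv
import io
import ipaddress
from datetime import datetime

# Assumed office egress range (a documentation address block).
OFFICE_NETS = [ipaddress.ip_network("203.0.113.0/24")]

# Constructed sample export; not SmartFile's actual schema.
SAMPLE_CSV = """timestamp,user,ip,action,path
2024-03-08T10:15:00,steve,203.0.113.20,download,/finance/q1.xlsx
2024-03-09T23:40:00,steve,198.51.100.7,download,/finance/q1.xlsx
2024-03-11T09:05:00,intern,203.0.113.44,share_link,/clients/acme/
2024-03-11T09:30:00,julie,203.0.113.31,upload,/projects/plan.docx
2024-03-12T14:00:00,dana,198.51.100.9,move,/projects/plan.docx
"""


def review(csv_text, sensitive_prefixes=("/finance/", "/clients/")):
    """Return a list of (user, timestamp, reasons) for events worth a look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        ts = datetime.fromisoformat(row["timestamp"])
        ip = ipaddress.ip_address(row["ip"])
        reasons = []
        if ts.weekday() >= 5:  # Saturday is 5, Sunday is 6
            reasons.append("weekend")
        if not any(ip in net for net in OFFICE_NETS):
            reasons.append("outside-office")
        if (row["action"] == "share_link"
                and row["path"].startswith(sensitive_prefixes)):
            reasons.append("sensitive-share")
        if reasons:
            findings.append((row["user"], row["timestamp"], reasons))
    return findings


if __name__ == "__main__":
    for user, when, reasons in review(SAMPLE_CSV):
        print(f"{when} {user}: {', '.join(reasons)}")
```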
Audit File Activity: Concluding Thoughts
So, there we go! Amazing how a seemingly simple log can have a huge impact on your organization. If you don’t have the ability to audit file activity then connect with SmartFile! We can set you up with a file intelligence platform that not only has activity logs, but lots of other helpful features that increase your organization’s secure file sharing abilities.