|
Posted by Phillip Windell on February 2, 2006, 9:52 am
If you were Registered and logged in, you could reply and use other advanced thread options
You can enable Auditing on the Server and then set the auditing on the
particular files/folders that you want to check. There is no way to track
what they actually did with it after they gained access to it. That is why
in high security situations USB is either disabled, or the USB ports glued
shut, or not given CD burners, or the floppy drives removed, or the
machine's case is locked in some kind of container to prevent any physical
access to removable media. But then even after that they could still email
the files to some outside address. Heck if all else fails they could simply
memorize the material (some people are good at that), or copy it down by
hand, or manually type the material into a new Word Document or something
and then take that.
The final solution is to not hire someone you can't trust and/or don't keep
someone you can trust. Technology will never ultimately solve a human
behavor problem.
--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
> I have a situation where I need to know if a user is copying information
from
> the server or/and their local drive to some sort of removable storage
device.
> Is there any log files or event log I can look at that would show this?
> Or
> Is there a utility of app that I can run in the back ground of this p.c.
> that would record such info?
>
> I also need to know if a device such as a USB flash drive is being used on
> this specific p.c. Any ideas?
> Enviroment is XP on desktop, Win2003 network
>
>
| 
XML site map