{"id":1535,"date":"2014-02-06T08:50:39","date_gmt":"2014-02-06T14:50:39","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=1535"},"modified":"2015-04-24T16:42:15","modified_gmt":"2015-04-24T21:42:15","slug":"auditing-windows-server-2012","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/auditing-windows-server-2012\/","title":{"rendered":"Auditing Windows Server 2012"},"content":{"rendered":"<p>\n\t<span style=\"font-size:16px;\">Current business modeling relies heavily on the virtualization of its network. Many transactions and interactions are now carried out by employees and contractors using mobile devices. Doctors and nurses are no longer relying solely on paper-based note recording and filing, making full use of tablets and laptops to handle patient information. Trade, salespeople and contractors are now processing payments while on location instead of waiting to invoice, skyrocketing levels of productivity.<\/span>\n<\/p>\n<p>\n\t<a href=\"\/blog\/wp-content\/uploads\/2014\/02\/Auditing-Windows-Server-2012-resized.jpg\" rel=\"\" style=\"\" target=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"Auditing Windows Server 2012\" class=\"alignleft size-full wp-image-1538\" height=\"195\" src=\"\/blog\/wp-content\/uploads\/2014\/02\/Auditing-Windows-Server-2012-resized.jpg\" style=\"margin-right: 20px; margin-top: 8px; margin-bottom: 3px; border: 3px solid black;\" title=\"Auditing Windows Server 2012\" width=\"346\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2014\/02\/Auditing-Windows-Server-2012-resized.jpg 1000w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2014\/02\/Auditing-Windows-Server-2012-resized-300x168.jpg 300w\" sizes=\"auto, (max-width: 346px) 100vw, 346px\"><\/a><span style=\"font-size:16px;\">All this traffic of sensitive data needs monitoring and appropriate security applied to comply with governance expectations. 
Leading IT professionals look to Microsoft Windows Server 2012 to assist them with the management of the ever-evolving <a href=\"http:\/\/technet.microsoft.com\/en-us\/magazine\/hh848746.aspx\" rel=\"nofollow\" target=\"_blank\">hybrid IT infrastructure<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a>. Auditing is an absolute must for your business, protecting your interests and those of your customers and clients. If you store patient information and\/or handle credit\/debit card transactions, you must comply with industry-specific requirements.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">Major retailer Target fell prey to a cybercriminal attack in December. The hackers successfully gathered customers\u2019 credit card details and other personal information at point-of-sale terminals. It\u2019s no wonder compliance regulations are so stringent. Security firm <a href=\"http:\/\/www.forbes.com\/sites\/anthonykosner\/2014\/01\/17\/researchers-report-exact-timeline-of-massive-target-data-breach\/\" rel=\"nofollow\" target=\"_blank\"> Seculert was able to spot <img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a> when the malware infection occurred and track its movements. This is a perfect example of how the use of the right auditing tactics was useful in providing transparency.<\/span>\n<\/p>\n<h2>\n\t<span style=\"font-size:16px;\"><strong><u>Auditing Tactics with Windows Server 2012<\/u><\/strong><\/span><br>\n<\/h2>\n<h3>\n\t<span style=\"color:#FF8C00;\"><span style=\"font-size: 16px;\"><strong>Expression-based auditing<\/strong> <\/span><\/span><br>\n<\/h3>\n<p>\n\t<span style=\"font-size:16px;\">Windows Server 2012 allows you to audit a number of security elements of your server\u2019s infrastructure. 
Log collection, critical file changes and user-level activity auditing all need to be implemented effectively to get the results your business needs. With Windows Server 2012, you can script the auditing policies you want to focus on, whether expression or resource-based.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">Expression-based policies provide logged results that answer questions such as: \u201cWho is accessing sensitive data?\u201d or \u201cWas there an unauthorized attempt to access restricted data?\u201d Expression-based security audit policies log only when specific events occur outside the allowed parameters. For example, they record when an attempt is made to <\/span><a href=\"\/blog\/wp-content\/uploads\/2014\/02\/Protect-Against-Hackers.jpg\" rel=\"\" style=\"\" target=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" alt=\"Protect Against Hackers\" class=\"size-full wp-image-1537 alignleft\" height=\"169\" src=\"\/blog\/wp-content\/uploads\/2014\/02\/Protect-Against-Hackers.jpg\" style=\"border: 3px solid black; margin-right: 20px; margin-top: 10px; margin-bottom: 10px;\" title=\"Protect Against Hackers\" width=\"224\" srcset=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2014\/02\/Protect-Against-Hackers.jpg 480w, https:\/\/www.poweradmin.com\/blog\/wp-content\/uploads\/2014\/02\/Protect-Against-Hackers-300x225.jpg 300w\" sizes=\"auto, (max-width: 224px) 100vw, 224px\"><\/a><span style=\"font-size:16px;\">access documents by a user working on an unrelated project, or if sensitive data was sought by someone without the appropriate clearance. 
By auditing just that activity, you log only the results that are relevant.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">The <a href=\"http:\/\/www.newyorker.com\/online\/blogs\/elements\/2014\/01\/the-attack-on-snapchat.html\" rel=\"nofollow\" target=\"_blank\">New Yorker recently reported<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a> on how social network Snapchat\u2019s failure to act on an exploitable weakness in their interface led to research-hackers communicating with the company\u2019s server. Once in, the professional hackers operating as Gibson Security were able to harvest large amounts of user data. Considering Gibson had warned the company about this weakness, it is a testament to how failure to comply with the results of an audit \u2013 regardless of how it was achieved \u2013 can result in public shame and loss of customer confidence.<\/span>\n<\/p>\n<h3>\n\t<span style=\"color:#FF8C00;\"><span style=\"font-size: 16px;\"><strong>File access and change auditing<\/strong> <\/span><\/span><br>\n<\/h3>\n<p>\n\t<span style=\"font-size:16px;\">Another security audit you can run with Windows Server 2012 is monitoring when critical system files or content are accessed and\/or altered. <a href=\"http:\/\/www.nytimes.com\/2014\/01\/23\/opinion\/finding-a-needle-in-a-digital-haystack.html?hp&amp;rref=opinion\" rel=\"nofollow\" target=\"_blank\">Tim White<img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a>, global head of government and intelligence for data analytics firm YarcData, rightfully stated that: \u201cWinning at cybersecurity today isn\u2019t necessarily about collecting more data. 
It is about unleashing the information in the data that\u2019s already there.\u201d Such an audit monitors not only who accessed the file, but what the attributes of that file were.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">Connecting the dots may unearth a relevant pattern in the type of file that was accessed or altered; one that will be useful when it comes to filtering the attributes upon investigation of a threat. In the event of such a security breach, the server audit will tell you exactly who accessed what file; not just when and where the breach occurred. With that you can assign accountability accordingly.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">The fabric of a modern successful enterprise is a patchwork of remote, on-site and international workers all making use of the same operating system. Windows Server 2012 allows administrators to configure the audit policy to monitor those accessing devices with removable storage. The server can create a success audit whenever a successful attempt is made to read or alter files, as well as create failure audits for unsuccessful attempts on a removable storage device.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">Windows Server 2012 provides a host of flexible auditing features to assist your organization in achieving the level of transparency required to comply with legislation. It protects your company by informing relevant staff when a breach of your security occurs and enabling you to follow its path.<\/span>\n<\/p>\n<p>\n\t<span style=\"font-size:16px;\">Of course, a layered approach to security is always the best and Windows Server 2012 will never be enough to protect a company by itself. 
The network should be protected by firewalls (preferably hardware) and antivirus suites, as well as a <a href=\"\/servermonitor?ref=blog\">monitoring system<\/a> that can dig a little bit deeper if something suspicious is flagged.<\/span>\n<\/p>\n<p>\n\t\u00a0\n<\/p>\n<p>\n\t<span style=\"color:#A9A9A9;\"><em><span style=\"font-size: 11px;\">Photo Credits:<\/span><\/em><\/span> <em><span style=\"font-size:11px;\"><a href=\"http:\/\/www.apple.com\/\" rel=\"nofollow\" target=\"_blank\"><span style=\"color:#A9A9A9;\">Photo Credit<\/span><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a><span style=\"color:#A9A9A9;\">: Apple |\u00a0 Image by <\/span><a href=\"http:\/\/www.flickr.com\/photos\/lanevids\/11454385524\/in\/photostream\/\" rel=\"nofollow\" target=\"_blank\"><span style=\"color:#A9A9A9;\">Lane Fournerat <\/span><img class=\"extlink-icon\" src=\"https:\/\/www.poweradmin.com\/blog\/wp-content\/plugins\/external-links-nofollow-open-in-new-tab-favicon\/images\/extlink.png\"><\/a><\/span><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Current business modeling relies heavily on the virtualization of its network. Many transactions and interactions are now carried out by employees and contractors using mobile devices. Doctors and nurses are no longer relying solely on paper-based note recording and filing, making full use of tablets and laptops to handle patient information. 
Trade, salespeople and contractors [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1538,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,13,10,9,8],"tags":[],"class_list":["post-1535","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general-it","category-pc-security","category-power-admin","category-technical","category-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1535","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=1535"}],"version-history":[{"count":5,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1535\/revisions"}],"predecessor-version":[{"id":3535,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/1535\/revisions\/3535"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/1538"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=1535"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=1535"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=1535"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}