When unusual trading in your company's stock tips the Securities and Exchange Commission (SEC) to begin an in-depth investigation, complying with their requests for information is the best way to reduce the blame falling on you or other executives. Of course, this kind of high-tech investigation goes a lot smoother when you already have software running that tracks who accesses what files on your server. Install file system activity auditing before accusations start flying to enjoy these five benefits if an investigation does begin.
Proving Reasonable Security
First, the SEC appointed investigators will examine the security of your company's data systems to see if you were complicit in letting insider information leak to traders. When evidence is discovered showing a major flaw in your server's security and access control, the entire company can be held liable for the trading event. Installing auditing software helps you test the power of your security system yourself, and it helps your IT team patch up any unauthorized back doors and misassigned credentials before an insider trading breach can occur. Why wait until you're facing a federal investigation to find out if your system is really working the way it should?
Showing How Data Was Accessed
Aside from proving you did your diligence in protecting sensitive data, you can also use the activity audit logs to help the investigator gather evidence that either proves there's no insider leak or identifies who is behind the problem. You can configure the auditing software to collect important facts like
- The date of access for files relating to the trading information
- The profiles and computers that opened the files
- The details of whether the files were legitimately accessed or manipulated in some way
- Complete tracking of how the files were copied, destroyed, or modified.
If the person responsible for leaking the information did it by accident, the log showing their accidents in the servers can make a big difference in proving their innocence to the investigators. Of course, the software can only record whatever you set it to log, and logging too much can eat up system resources and slow down the entire business.
Are you concerned that someone could compromise your system or accidentally expose important financial details to others? Installing file system activity auditing can provide you with immediate feedback on where weaknesses lie in your current security plan. The IT team can test each layer of the system by creating fake accounts and watching as the software records the activities in real time.
Finding The True Culprit
Of course, it's also easy to use this kind of software for catching an active informant and turning them in to the authorities before you could be held liable for their mistakes. Any service that provides alarm services can help you get your IT team on the trail of the breach. You can collect evidence in the form of log files until there's enough proof to submit to an investigator.
Controlling Data Loss
Finally, most solutions for tracking on this kind of scale also feature extra file security features built in as a bonus. For example, many software packages are configurable so that automatic file backups are made to a separate and secure server if certain files are modified or deleted. This can prevent an insider from removing proof of their access or communications.
If you're required to keep every piece of important financial data about your company under lock and key, it's well worth the investment to find some kind of file system activity auditing solution. Options range from simple software that works on a wide range of servers to completely managed IT solutions that work around the clock to protect your company's files. Click here to learn more about your options, or work with an experienced computer auditing company.