Solved

Auditing logins / reading of emails

Posted on 2007-11-16
5
184 Views
Last Modified: 2013-12-07
Is there a way to see how many times a specific email is opened and read and by which user?
Specifically worried about who someone accessing another user accounts password and logging as them.  
0
Comment
Question by:isc037
  • 2
5 Comments
 
LVL 58

Accepted Solution

by:
tigermatt earned 500 total points
ID: 20300619
You can't audit the number of times an individual email was accessed. If you could, then you would just end up with thousands of audit entries in your event logs every time any system user accesses an email, which is obviously going to fill up the logs very quickly.

You need to talk to your manager about this issue. You should have policies in place for computer and information misuse. The accessing of any user account when not authorised to do so could put the entire business under threat, particularly if that particular user account has access to sensitive documents, i.e. financial or employee information. At the very least, force the user of the user account whose password has been breached to change the password immediately, and implement password policies to use complexity requirements and to force a password change every 90 days or something. I would also educate users in not writing passwords down etc.

-tigermatt
0
 

Author Comment

by:isc037
ID: 20300635
Thanks have it in place.... need to prove it.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 20300973
>>> Thanks have it in place.... need to prove it.
I assume you're talking about the password policies? If so, then you may also want to force the user to change their password this once by checking the "User must change password at next logon" checkbox in their AD account properties. That will force them to change their password and will get them onto the password policy you have defined. Also make sure "Password does not expire" is NOT checked, otherwise your policy won't work.

Other users will follow suit in due course.

-tigermatt
0
 
LVL 1

Expert Comment

by:Computer101
ID: 20526460
Forced accept.

Computer101
EE Admin
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now