Problem solve Get help with specific problems with your technologies, process and projects.

How can I figure out who is tampering with my system?

Is there a way for me to set my system up to log or identify who and what time someone is tampering with my system when I'm not around?
You need to set up auditing. Auditing can be configured to record logon success and failure, privilege use, file and object access and more. Events are recorded in the security event log. You will need administrative privileges to do so. Audit for a local computer is configured from the Administrative Tools, Local Security, Policy Security Settings, Local Policy, Audit Policy. Audit for specific files and folder access is configured from the security tab of the specific file or folder. Here is a good reference article.

Dig Deeper on Unified endpoint management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.