File Server – Audit/Maintenance Checklist

Posted: August 10, 2012 in Audit, Checklist, File Server, How-To, Maintenance
Tags: , , ,

1) Check server for latest available service packs and updates

2) Confirm file format (NTFS)

3) Check end-user disk quota availability and restrictions

4) Check File/Folder share permissions

5) Check and verify AV signatures. Ensure that AV scans for file server are scheduled for after-hours. Also make sure that AV auto-protection is ON

6) Check and verify that data drive (usually the non-OS) has at least 10% free disk space (may vary depending on your requirements)

7) Use any of the following paid/free tools (to name a few) for directory/folder size reporting so that you are able to determine what is hogging space on your data drive:

8) Perform disk cleanup. Manually delete temporary files or use one the following third party tools

9) Check and confirm that successful backup of the data has been taking place

10) Review security related vulnerabilities; check event logs – security

11) Review data (files/folders) on the server

  • Old and useless data can be purged
  • Old but required data can be moved to portable storage (external HDD, DVDs) and stored in fire-proof cabinet

12) Age of Files for archival purpose can be estimated by using tool like

13) Check if shadow copy feature is enabled and that there enough storage for the shadow copies (preferably on separate volume on another disk)

14) Keep a log/report of tasks perform for comparison for next audit/maintenance

Advertisements
Comments
  1. Hi, what about monitoring physical access to the machine, in case it happens to be a DC? I’m asking because one of the threats to Domain Controller Security happens to be unrestricted physical access.

    • melvinver says:

      Ryan,

      Though the checklist is mostly about auditing and maintaining a File Server (user-level access and sharing permissions), you are right about concerns regarding physical access to DCs or in case of separate file server, it needs to be controlled and as mentioned by others, access should only given to authorized IT person. If it is a domain (read corporate network), considering a gateway firewall to limit remote access and hence prevent intrusion prevention, is something every Network administrator needs to look into. Internally access restrictions should be controlled which can be effectively managed using security groups, Local Security policies and Domain GPOs. Being a sole IT person at my company, I have made it a point to control access to servers. Apart from Terminal Server and/or Citrix environment which need to be locked down, end-users should not have access to critical servers. Having a gateway firewall and proactively monitoring threats, is something I do to keep the company network secure. Hope that you agree with my comment.

      Melvin

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s