NTFS Permissions Auditor - Online manual

NIS2 Compliance Configuration Guide

This guide explains how to configure and use NTFS Permissions Auditor's NIS2 compliance features to meet EU regulatory requirements for file system security.

Overview of NIS2 Features

NTFS Permissions Auditor Pro includes specialized features for NIS2 compliance:

  • NIS2 Compliance Dashboard - Real-time compliance scoring and recommendations
  • NIS2 Compliance Reports - PDF reports with executive summary and risk assessments
  • Automated Monitoring - Scheduled audits with change detection
  • Critical Change Alerts - Email notifications for security-relevant permission changes
  • Compliance Profiles - Dedicated audit profiles for critical infrastructure

Step 1: Creating a NIS2 Compliance Profile

First, create a dedicated profile for your NIS2 compliance monitoring:

  1. From the Home screen, click "Add profile"
  2. Name it descriptively, e.g., "NIS2 Critical Infrastructure Audit"
  3. In the Audit Targets tab:
    • Add all critical infrastructure folders (finance, HR, admin, security, etc.)
    • Include backup locations and configuration directories
    • Add any folders containing sensitive or regulated data
  4. In the Options tab:
    • Enable "Get group members" to see actual user access
    • Enable "Get nested group members" for complete visibility
    • Important: Check "NIS2 Compliance Profile" to mark this profile for compliance monitoring
  5. In the Exclude tab:
    • Consider excluding system directories unless specifically required
    • Exclude disabled accounts to reduce noise in reports
  6. Click "Save" to create the profile

Note: Only profiles marked as "NIS2 Compliance Profile" will be considered for compliance scoring and report generation.

Step 2: Running Your First NIS2 Audit

To establish your baseline permissions:

  1. Select your NIS2 compliance profile from the Home screen
  2. Click "Audit" to start the scan
  3. Wait for the audit to complete (time depends on folder count and network speed)
  4. Once complete, the report will automatically load
  5. Save the report to establish your baseline for future comparisons

Step 3: Viewing the NIS2 Compliance Dashboard

After running at least one audit with a NIS2-marked profile:

  1. The NIS2 Compliance Dashboard will appear on the Home screen
  2. Review the compliance metrics:
    • NIS2 Profile Configuration - Shows if you have a proper compliance profile
    • Continuous Monitoring - Indicates if automated tasks are configured
    • Incident Detection - Shows recent change notifications
  3. Check your Compliance Score - aim for 80% or higher
  4. Review recommendations for improving compliance

Step 4: Generating NIS2 Compliance Reports

To create a formal compliance report for auditors:

  1. Ensure you have a recent audit from a NIS2-marked profile
  2. Click "Generate NIS2 Report" on the Home screen
  3. If prompted, select your NIS2 profile and run an audit
  4. Choose a location to save the PDF report
  5. The report will include:
    • Executive summary with key metrics
    • Risk assessment table with counts and severity
    • Detailed findings categorized by NIS2 articles

Understanding Report Metrics

The NIS2 Compliance Report calculates several key metrics:

  • Critical Infrastructure Folders - Folders containing keywords like "finance", "hr", "security", etc.
  • High-Risk Permissions - Full Control granted to non-administrative users
  • External Access Points - Folders accessible from different domains
  • Everyone/Authenticated Users Access - Overly permissive permissions
  • Disabled Account Access - Permissions held by disabled accounts
  • Orphaned SIDs - Unresolved security identifiers
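
As a cross-check on three of these metrics (Everyone/Authenticated Users access, Full Control for non-administrative principals, and orphaned SIDs), the following read-only PowerShell script is an added example built on the built-in Get-Acl cmdlet; it is not part of NTFS Permissions Auditor and does not reproduce its scoring. The root path and the list of principals treated as administrative are assumptions to adjust for your environment.

```powershell
# Added example: read-only spot check of three report metrics with Get-Acl.
param([string]$Root = 'D:\Shares')   # hypothetical audit target

$broadSids = 'S-1-1-0', 'S-1-5-11'   # Everyone, Authenticated Users (well-known SIDs)
# Assumption: SYSTEM, BUILTIN\Administrators, CREATOR OWNER and Domain Admins
# (domain RID 512) count as administrative. Extend for your own admin groups.
$adminPattern = '^(S-1-5-18|S-1-5-32-544|S-1-3-0|S-1-5-21-.*-512)$'
$fc      = [System.Security.AccessControl.FileSystemRights]::FullControl
$sidType = [System.Security.Principal.SecurityIdentifier]
$ntType  = [System.Security.Principal.NTAccount]

$dirs = @(Get-Item -LiteralPath $Root) +
        @(Get-ChildItem -LiteralPath $Root -Directory -Recurse -ErrorAction SilentlyContinue)

$findings = foreach ($dir in $dirs) {
    try   { $acl = Get-Acl -LiteralPath $dir.FullName -ErrorAction Stop }
    catch { Write-Warning "Cannot read ACL: $($dir.FullName)"; continue }

    # Request SIDs so the checks do not depend on localized account names.
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $sid = $ace.IdentityReference
        try   { $name = $sid.Translate($ntType).Value }
        catch { $name = $null }      # translation failed: SID does not resolve

        $issue = if (-not $name) { 'Orphaned SID' }
                 elseif ($broadSids -contains $sid.Value) { 'Everyone/Authenticated Users access' }
                 elseif (($ace.FileSystemRights -band $fc) -eq $fc -and
                         $sid.Value -notmatch $adminPattern) { 'Full Control for non-admin principal' }
        if ($issue) {
            [pscustomobject]@{
                Path = $dir.FullName; Sid = $sid.Value; Name = $name
                Rights = $ace.FileSystemRights; Inherited = $ace.IsInherited; Issue = $issue
            }
        }
    }
}

# Summary counts per issue, then the individual entries for review.
$findings | Group-Object Issue | Select-Object Count, Name | Format-Table -AutoSize
$findings | Sort-Object Issue, Path | Format-Table Path, Name, Sid, Rights, Inherited -AutoSize
```

SID translation can also fail when no domain controller for the SID's domain is reachable, so confirm an "Orphaned SID" finding before removing the entry.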

Step 5: Setting Up Automated Monitoring

Configure scheduled tasks for continuous compliance:

Creating a Monitoring Task

  1. Go to the TASKS section
  2. Click "New" to create a task
  3. Configure the task:
    • Name: "NIS2 Daily Compliance Check"
    • Profile: Select your NIS2 compliance profile
    • Export Format: Choose your preferred format (Excel, CSV, etc.)
    • Export Path: Set a location for automated reports
    • Email To: Enter compliance officer email addresses
    • Schedule: Set to daily for critical infrastructure
  4. Enable "Enable debug logging" for troubleshooting if needed
  5. Click "Save" to create the task

Configuring Email Alerts

To receive notifications of critical changes:

  1. Ensure SMTP settings are configured in SETTINGS > Email
  2. In your task configuration:
    • Set Task Mode to "Change Report Mode"
    • Enable "Email only if changes detected"
    • Add compliance team emails to "Email To" field
  3. The system will send an email when permission changes are detected

Step 6: Change Detection and Comparison

To identify unauthorized permission changes:

Manual Comparison

  1. Go to HISTORY to see past audits
  2. Select two reports to compare (e.g., last week vs. today)
  3. Click "First" for the older report
  4. Click "Second" for the newer report
  5. Click "Compare" to see changes
  6. Look for entries marked [NIS2 CRITICAL] - these require immediate attention

Understanding Critical Changes

Changes are marked as [NIS2 CRITICAL] when they involve:

  • Full Control permissions
  • Everyone or Authenticated Users groups
  • Critical path folders (finance, HR, security, admin, backup)
  • External domain access (@different.domain)
  • Service account modifications (svc_ or service)
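
To sanity-check which changes should carry the critical flag, the following added PowerShell example (not the product's code) snapshots folder ACLs, compares them with a saved baseline, and marks changes using patterns that approximate the criteria above. The paths, the home domain name, the English account names and the matching patterns are all assumptions; the product's actual matching rules are not documented on this page.

```powershell
# Added example: independent baseline diff of folder ACLs with approximate critical flags.
param(
    [string]$Root       = 'D:\Shares',                    # hypothetical audit target
    [string]$Baseline   = 'C:\AclBaseline\baseline.csv',  # hypothetical snapshot file
    [string]$HomeDomain = 'CONTOSO'                       # hypothetical NetBIOS domain name
)

function Get-AclSnapshot([string]$Path) {
    $dirs = @(Get-Item -LiteralPath $Path) +
            @(Get-ChildItem -LiteralPath $Path -Directory -Recurse -ErrorAction SilentlyContinue)
    foreach ($d in $dirs) {
        try { $acl = Get-Acl -LiteralPath $d.FullName -ErrorAction Stop } catch { continue }
        foreach ($ace in $acl.Access) {
            [pscustomobject]@{
                Path   = $d.FullName; Identity = $ace.IdentityReference.Value
                Rights = [string]$ace.FileSystemRights; Type = [string]$ace.AccessControlType
            }
        }
    }
}

function Test-CriticalChange($Entry) {
    # Approximations of the listed criteria; substring keywords over-match (e.g. "hr" in "share").
    $domain = if ($Entry.Identity -match '^([^\\]+)\\') { $Matches[1] } else { $null }
    ($Entry.Rights -match 'FullControl') -or
    ($Entry.Identity -match '(^|\\)(Everyone|Authenticated Users)$') -or
    ($Entry.Path -match 'finance|hr|security|admin|backup') -or
    ($Entry.Identity -match 'svc_|service') -or
    ($domain -and $domain -notin @($HomeDomain, 'BUILTIN', 'NT AUTHORITY', 'NT SERVICE'))
}

$current = @(Get-AclSnapshot $Root)
if (-not (Test-Path -LiteralPath $Baseline)) {
    # First run: store the baseline and stop.
    $current | Export-Csv -LiteralPath $Baseline -NoTypeInformation
    return
}
$old   = @(Import-Csv -LiteralPath $Baseline)
$props = 'Path', 'Identity', 'Rights', 'Type'
Compare-Object $old $current -Property $props | ForEach-Object {
    [pscustomobject]@{
        Change   = if ($_.SideIndicator -eq '=>') { 'Added' } else { 'Removed' }
        Path     = $_.Path; Identity = $_.Identity; Rights = $_.Rights
        Critical = [bool](Test-CriticalChange $_)
    }
} | Sort-Object Critical -Descending | Format-Table -AutoSize
```

A modified entry appears as one "Removed" row and one "Added" row for the same path and identity; store the baseline file where the audited accounts cannot write to it.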

Automated Change Detection

When using scheduled tasks in Change Report Mode:

  • The system automatically compares with the previous audit
  • Only sends emails when changes are detected
  • Change report includes all modifications with critical flags
  • Maintains audit trail for compliance documentation

Best Practices for NIS2 Compliance

Audit Frequency

  • Daily: Critical infrastructure folders (finance, HR, admin)
  • Weekly: All folders in NIS2 profile
  • Monthly: Generate formal compliance report
  • After changes: Run immediate audit after planned permission changes

Profile Configuration

  • Create separate profiles for different criticality levels
  • Always enable group member resolution for accurate access visibility
  • Use folder depth limits to improve performance on deep structures
  • Exclude non-critical subfolders to reduce noise

Report Management

  • Save all compliance reports with dates for audit trails
  • Export critical change reports when detected
  • Document remediation actions taken
  • Maintain at least 12 months of history

Troubleshooting Common Issues

NIS2 Dashboard Not Showing

  • Verify that your Pro version license is active
  • Ensure at least one profile is marked as "NIS2 Compliance Profile"
  • Run at least one audit with the NIS2 profile
  • Refresh the Home screen after audit completion

No Critical Changes Detected

  • Verify you're monitoring the correct critical paths
  • Check that group members are being resolved
  • Ensure comparison is between two complete audits
  • Review excluded accounts and folders settings

Email Alerts Not Working

  • Test SMTP settings in SETTINGS > Email
  • Verify task is set to "Change Report Mode"
  • Check Windows Task Scheduler for execution errors
  • Review task history for email sending status

Compliance Documentation

For NIS2 audits, maintain the following documentation:

  • Initial baseline report - Your first complete audit
  • Monthly compliance reports - Generated PDF reports
  • Change detection logs - All critical changes identified
  • Remediation records - Actions taken to address findings
  • Task execution history - Proof of continuous monitoring

Additional Resources

For specific NIS2 compliance questions or assistance with configuration, please contact our support team with "NIS2" in the subject line for priority handling.



Copyright © Albus Bit SIA