The IT Security 'Whodunnit'

Knowing "who" made changes to critical files and configurations is almost as important as knowing that the change occurred in the first place.