Big brother appliance sniffs out fraud

28.11.2005
Terms like firewall, IDS, and deep packet inspection may be indicative of today's network security landscape, but tomorrow's may also include 'big brother' style appliances that log all user activity in an attempt to counter internal threats.

This week Israeli company Sabratec Ltd. is launching its Intellinx monitoring solution, which has been described as "one big sniffer", into the Australian market. It is installed on a separate system to analyze and archive every action users perform. The information can then be used as an audit trail in the event of fraud by in-house employees.

Brad Irvine, Northern Territory government ICT office director, said that in certain parts of an organization audit trail appliances may be warranted, particularly in the more sensitive areas of government, but that cost and performance degradation factors generally need to be weighed up.

"It always comes back to how you secure an application and its data; the network shouldn't be overloaded with all these security controls," Irvine said, adding he's always been an advocate of making systems secure.

"Diligence in terms of user access is regularly reviewed to ensure users aren't getting access to data they're not supposed to."

In Irvine's experience, audit trails are only useful when there has been a breach, but are relevant in line with the number of incidents.