Howard,

log when your user's start your program or enter your security setup. Then log when they leave: all entering records unmatched by logout time are prime suspects of corruption.

And be certain to make that security gadget KNOWN for some other reasons: just tell'em, it will *also* point out workers with dangerous or expensive computer habits.

This change the perception of pulling the plug from an easy, nearly untracable way out to a way possibly leading to an interwiew with your super for endangering data.

HTH

thomas