Resources for Federal Information Security Management Act (FISMA)

Network, Database, and System Log Data Management: The What, Why, and How

www.wwpi.com

Recently, security has grown to be on the list of top priorities for many organizations. Despite such prominence, many organizations have not managed to take control over what happens on their network and systems. In fact, CIOs and IT administrators seldom realize that there is an effective way to do this: log management.

All users and systems create traces of their activity in the form of log files. Logs are generated at an astounding rate by IT components such as firewalls, routers, server and client operating systems, databases, and even business applications. As a result, mountains of log data accumulate and, often, nobody looks at them despite their usefulness for detecting and troubleshooting security and system operations issues.

Actively monitoring log data will help protect businesses not only from external security threats but also from potential threats lingering inside the organization. Whether it’s a purposeful data leak by a disgruntled employee or an accidental loss of information in a misplaced laptop, there is always a risk from within. Unfortunately, collecting log data is still commonly considered only a housekeeping task for IT managers rather than the first of many bricks for the information risk fortress. This perception persists despite the fact that a slew of regulations actually mandate log management.

View the Resource

Share or bookmarklet this web page at: