White paper

Best practices: Event Log Management for Security and Compliance Initiatives

Infrastructure Management

Has someone made any unauthorized changes to your Active Directory policies or Access Control Lists (ACLs) for a directory on a server containing company intellectual property? Has someone gained unauthorized access to data that is regulated by law, such as HIPAA? Is somebody trying to hack into your internal systems? What if your compliance officer asks you for SOX-centric reports?
Every day, computer networks across the globe generate records of the events that occur. Some are routine. Others are indicators of a decline in network health or of attempted security breaches. Log files contain a wealth of information that can reduce an organization’s exposure to intruders, malware, damage, loss and legal liabilities. Log data needs to be collected, stored, analyzed and monitored to meet and report on regulatory compliance standards like Sarbanes-Oxley, Basel II, HIPAA, GLB, FISMA, PCI DSS and NISPOM. This is a daunting task, since log files come from many different sources, in different formats, and in massive volumes, and many organizations don’t have a proper log management strategy in place to monitor and secure their network.
In response, this white paper discusses common Event and Log Management (ELM) requirements and best practices to decrease the potential for security breaches and reduce the possibility of legal or compliance issues.