Wednesday, July 18, 2007

 Log

 Log management in the age of compliance
 'Bread crumbs' are key to what's happening with your network
 Anton Chuvakin

July 16, 2007 (Computerworld) -- With each high-profile data breach (such as those at The TJX Companies and the U.S. Department of Agriculture) or new regulation, security emphasis seems to shift away from the traditional "keep bad guys out" mentality and toward a layered, in-depth, "What's going on in here?" look at IT activity. Organizations are turning to logs to provide a continuous trail of everything that happens with their IT systems and, more importantly, with their data.

 

Logs of different types are generated from different sources at an astounding rate, allowing for a detailed -- if sometimes cloudy -- picture of IT activity. If a disgruntled employee with an intent to steal data accesses a database containing confidential information, there would likely be a log of that activity that someone could review to determine the who, what and when. Logs provide the bread crumbs that organizations can use to follow the paths of all of their users, bad-intentioned or not.

 

It follows that managing these logs can benefit an organization in many ways. They offer situational awareness and help organizations pinpoint new threats as well as allow their effective investigation. Routine log reviews and in-depth analysis of stored logs are beneficial for identifying security incidents, policy violations, fraudulent activity and operational problems shortly after they have occurred, as well as for providing information useful for resolving such problems.

 

Given the inherent benefits of log management, it is not surprising that log data collection and analysis is generally considered a security industry "best practice." However, a number of regulations also explicitly call for the collection, storage, maintenance and review of logs, turning log management from a "should do" to a "must do." Some of these regulations rely on National Institute of Standards and Technology Computer Security Special Publications (NIST SP) to delineate the detailed logging requirements.

 

In my previous article, I described the way in which three regulations (FISMA, HIPAA and PCI-DSS) affect incident-response processes. This triumvirate also affects log management, since they call for enabling logging as well as for log review.

 The Federal Information Security Management Act of 2002 (FISMA)

 

While many criticize FISMA for being all documentation and no action, the law simply emphasizes the need for each federal agency to develop, document and implement an organizationwide program to secure the information systems that support its operations and assets. NIST SP 800-53, Recommended Security Controls for Federal Information Systems, describes log management controls including the generation, review, protection and retention of audit records, plus steps to take in the event of audit failure.
