Security Basics mailing list archives
Re: Review of logs/audit trail - whose responsibility?
From: "M.D.Mufambisi" <mufambisi () gmail com>
Date: Tue, 29 Sep 2009 09:06:42 +0200
My 0.02. Im an IT Advisor and this issue is raised often by clients. In my humble opinion,Computer audit should review the logs and should have the necessary skill to do it. It cant be IT because IT generate ssome of the audited events and proper segregation of duties implies that you can not MONITOR your own activity. With regards to te frequency, it depends with the environment. A bank for instance would have real time monitoring....such as alerts to IT security on various events....whilst an organisation such as a sports club may not need such drastic measures. Kind Regards Munyaradzi On 9/26/09, Gleb Paharenko <gpaharenko () gmail com> wrote:
Hi! The core requirements: it should be other person(s) than who is producing log events and this person should be competent enough to analyse the activities in logs. Even, it might be some managed security service provider. When you need performance and fill lack of resource - use different IT departments. In case you need more independent review - make a computer audit to watch for IT logs. 2009/9/22 <sfmailsbm () gmail com>:Dear all, a simple question: we all agree that there must be logs and audit trails to enable tracing back and monitoring of suspicious activities Logs should be reviewed regularly to identify abnormal activities however, who should "ideally" be responsible for this regular (daily) monitoring of logs? Is it IT, IT Security or Computer Audit? I know that each company might implement it differently, but from a conceptual point of view, in terms of security, what will be the most appropriate choice? thanks for your comments Regards, Ronish ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 -------------------------------------------------------------------------- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com http://www.linkedin.com/in/gpaharenko +380503116172 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Review of logs/audit trail - whose responsibility? sfmailsbm (Sep 23)
- RE: Review of logs/audit trail - whose responsibility? Rivest, Philippe (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? Quentin Chung@Programmer (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? Gleb Paharenko (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? M.D.Mufambisi (Sep 29)
- Re: Review of logs/audit trail - whose responsibility? Dan Anderson (Sep 30)
- Re: Review of logs/audit trail - whose responsibility? M.D.Mufambisi (Sep 29)
- <Possible follow-ups>
- Re: Review of logs/audit trail - whose responsibility? craig . wilson (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? ron (Sep 28)
- Re: Review of logs/audit trail - whose responsibility? krymson (Sep 30)