Security Basics mailing list archives
RE: Biometric Access logs
From: "Christian Campbell" <ccampbell () brueggers com>
Date: Tue, 3 Mar 2009 09:40:42 -0500
We faced issue in the audit because of this and auditor insisted that the review and analysis of the logs for the Biometric controlled area needs to be done. What can be done in this scenario like this? Please give in your comments.
Your auditor is not understanding the purpose of auditing and analysis. There is no reason to know who jiggled the knob on your server room door; they were denied access. The purpose of auditing is to track who actually accessed what you are trying to protect. If your auditor really wants to know, you'd have to register EVERY fingerprint of EVERY employee in the company. But that only covers employees. If I'm able to gain access to your building (and I'm not an employee), decide to be stupid enough to put my finger on the lock, and am denied access, it will still show a denied access for an unknown person. In that scenario, your auditor isn't getting the information they are requesting. To get them that information would require registering EVERY PERSON in the world... which could be time consuming. ;) Christian Christian Campbell Systems Engineer Bruegger's Enterprises Inc. Desk: 802-652-9270 Cell: 802-734-5023 Fax: 802-660-4034 Email: ccampbell at brueggers dot com PGP Public Key available via PGP keyservers or http://www2.brueggers.com/pgp/ccampbell.html "Computer Science is no more about computers than astronomy is about telescopes." --E. Dijkstra
Attachment:
smime.p7s
Description:
Current thread:
- Biometric Access logs John (Mar 02)
- Re: Biometric Access logs Shailesh Rangari (Mar 03)
- Re: Biometric Access logs Thor Norse God of Thunder (Mar 03)
- RE: Biometric Access logs Murda Mcloud (Mar 03)
- RE: Biometric Access logs Christian Campbell (Mar 03)
- Re: Biometric Access logs Kurt Buff (Mar 03)
- Re: Biometric Access logs Stephen Mullins (Mar 03)
- Re: Biometric Access logs Rogerio Carvalho (Mar 03)
- <Possible follow-ups>
- RE: Re: Biometric Access logs fac51 (Mar 05)