Security Basics mailing list archives
RE: Review of logs/audit trail - whose responsibility?
From: "Matt Flynn" <mflynn () netvision com>
Date: Tue, 6 Oct 2009 12:20:36 -0400
I know I'm late to the discussion, but I don't think it's possible to ignore your point that each company might implement it differently. The fact seems to be that each company not only implements differently, but is also organized differently. I speak to many organizations concerned with audit and 'Computer Audit' is not a group that I often run into. For many organizations, the audit group is a non-IT group. So, they rely on IT to provide answers. They would prefer not to have to call IT, but unfortunately IT systems are complex and auditors don't always have a way to get answers on their own. I agree with the consensus here that there should be a separation of responsibilities. Someone needs to provide oversight on the IT administrators. Whoever is responsible for the audit, whether it be a security group, an internal audit group, or an external auditor should confirm that appropriate permissions are applied and user and admin activity is in line with security policies. Matt Flynn NetVision ----- Original Message ----- From: <sfmailsbm () gmail com> To: <security-basics () securityfocus com> Sent: Tuesday, September 22, 2009 6:00 PM Subject: Review of logs/audit trail - whose responsibility?
Dear all, a simple question: we all agree that there must be logs and audit trails to enable tracing
back and monitoring of suspicious activities
Logs should be reviewed regularly to identify abnormal activities however, who should "ideally" be responsible for this regular (daily)
monitoring of logs?
Is it IT, IT Security or Computer Audit? I know that each company might implement it differently, but from a
conceptual point of view, in terms of security, what will be the most appropriate choice?
thanks for your comments Regards, Ronish ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727 d1
------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Review of logs/audit trail - whose responsibility? Matt Flynn (Oct 06)