Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Review of logs/audit trail - whose responsibility?

From: ron () gmail com
Date: 25 Sep 2009 07:03:55 -0000
Assuming you have all three groups I would vote for IT Security.
- separation of duties.  Assuming that IT is responsible for controlling and granting network access (if IT sec does 
access control, then let IT do reviews)
- IT Security would probably have better training to spot security anomalies 

- don't see audit doing log reviews on operational (daily,weekly) basis.  I expect they would be doing it periodically 
as part of regular audits.  But their reviews should only be considered a backup to the more frequent operational 
reviews since it would normally be too long between audits.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: