Educause Security Discussion mailing list archives

Re: Windows DHCP to syslog

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Sun, 21 Oct 2007 00:20:38 -0400

On Sat, 20 Oct 2007 21:38:53 MDT, "Dawson,Scottie" said:

Anyone else have thoughts on the topic of how long  you should keep this
sort of data?


That depends.  Ask your own legal staff.  There's two basic answers:

1) You keep these records for 18 months or 3 years or something like that,
in case an LEO shows up with a subpoena, so you can comply.

2) You ditch those records after a week or so, or whatever length of time
you actually need them for diagnosing network failures caused by a rogue
client, etc, and then properly digitally shred them, so when the LEO shows
up with the subpoena, you can legitimately claim you have no clue and
no record.

Attachment: _bin
Description:

Current thread:

Windows DHCP to syslog Youngquist, Jason R. (Oct 19)
- <Possible follow-ups>
- Re: Windows DHCP to syslog Valdis Kletnieks (Oct 19)
- Re: Windows DHCP to syslog Beechey, Jim (Oct 19)
- Re: Windows DHCP to syslog Dawson,Scottie (Oct 20)
- Re: Windows DHCP to syslog Valdis Kletnieks (Oct 20)