Auditing the use of our Central Credentials

[Bob Bayn <bob.bayn () USU EDU>]

We have a new central credential authentication system this year.  It's home grown and has no log auditing 
capabilities.  We know from experience with the scattered systems that it replaced that auditing capability is useful.  
We've  identified sources of password guessing, sources of unauthorized password use (were you in China yesterday?  
Your password was.) and have watched for uses of passwords exposed by successful phishing.

At the moment, management is satisfied that the authentication system works and is relatively unconcerned about our 
inability to audit the uses of the system.  So, I'm looking for info about how other institutions audit the use of 
authentication credentials, and especially anecdotes about how that capability is valuable for preserving and insuring 
security and protection of information.


Bob Bayn     (435)797-2396     Security Team coordinator
Office of Information Techology at Utah State University