Best Practices: Event Log Management for Security and Compliance Initiatives
Has someone made any unauthorized changes to the Active Directory policies or Access Control Lists (ACLs) for a directory on a server containing company intellectual property? Has someone gained unauthorized access to data that is regulated by law, such as HIPAA? Is somebody trying to hack into the internal systems? What if the compliance officer asks for SOX-centric reports? Every day, computer networks across the globe generate records of the events that occur on them. Some are routine. Others are indicators of a decline in network health or of attempted security breaches. Log files contain a wealth of information that can be used to reduce an organization's exposure to intruders, malware, damage, loss and legal liabilities.