Logs = Accountability
âą
8 gefĂ€llt mirâą3,408 views
Logs as a Vehicle for Accountability, in IT and Beyond
![Outline ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Empfohlen
Empfohlen
Weitere Àhnliche Inhalte
Was ist angesagt?
Was ist angesagt? (11)
Ăhnlich wie Logs = Accountability
Ăhnlich wie Logs = Accountability (20)
Mehr von Anton Chuvakin
Mehr von Anton Chuvakin (20)
KĂŒrzlich hochgeladen
KĂŒrzlich hochgeladen (20)
Logs = Accountability
- 1. Logs = Accountability Dr Anton Chuvakin Chief Logging Evangelist LogLogic, Inc
- 4. What is a Log? User and System Activity User Terminated Customer Transaction Email BCC Failed Logon Database Access File Up/Download Credit Card Data Access Information Leak Privileges Assigned/ Changed 30%
Hinweis der Redaktion
- TODO: Evolution of logging (Grab from new corp preso = on eHD) Get full Jay Leek preso (maybe) Grab from Tao: too many controls -> less control Grab âfuture log challengesâ blog post Add log taxonomy â guide to using logs for accountability DRAFT â 35-40 minutes This presentation will focus on logs as a vehicle for accountability in organizationâs IT and even beyond. There are many other mechanisms of accountability in an organization, but logs are the one that pervades all IT. And if you IT is not accountable, your business is neither. Thus, if you tend to not be serious about logs, be aware that you are not serious about accountability. Is that the message your organization wants to be sending? Ignoring logs is not just dangerous (due to losing that important resources for troubleshooting and security), it is not only illegal (due to various regulations), but it is also unethical! The presentation will cover how logs can be used organization-wide to establish accountability of users, power-users, other IT as well as partners and others accessing systems and using your information. How to you make sure your users are accountable for their actions? How can you track their activities, if needed? How can auditors review the audit trails of various activities? Broad organization-wide log collection and analysis is the way to solve these and other problems related to accountability. NOTES: Strategic â CSO, etc LE, auditors, board, technical (users), case of breach, e-discovery, forensics, etc Accountability: from users/employees to the board FISMA? Tools? Frameworks? Action items? RAW: I was thinking about logs the other day :-) <p>And the following thought occurred to me: <b>Logs = accountability</b>. <p>So, what is accountability, really? <a href="http://en.wikipedia.org/wiki/Accountability">Wikipedia defines it</a> as "<b>Accountability</b> is a concept in <a href="http://en.wikipedia.org/wiki/Ethics">ethics</a> with several meanings. It is often used synonymously with such concepts as <a href="http://en.wikipedia.org/w/index.php?title=Answerability&action=edit">answerability</a>, enforcement, <a href="http://en.wikipedia.org/wiki/Social_responsibility">responsibility</a>, blameworthiness, <a href="http://en.wikipedia.org/wiki/Liability">liability</a> and other terms associated with the expectation of account-giving." <p>Yes, there are many other mechanisms of accountability in an organization, but logs are the one that pervades all IT. And if you IT is not accountable, your business is neither. Thus, if you tend to not be serious about logs, be aware that you are not serious about accountability. Is that the message your organization wants to be sending? <p>Ignoring logs is not just stupid (due to losing that important resources for troubleshooting and security), it is not only illegal (due to various regulations), but it is also unethical! :-)