1) Log management is important for security and regulatory compliance but is often not adequately performed due to being tedious, time-consuming, and abstract for IT staff to deal with.
2) IT professionals are already overworked and focused on maintaining high service levels, so they have little time to thoroughly analyze log data and hope breaches don't occur.
3) Providing the right log management solution can help address these human factors inhibiting effective log analysis and ensure this important security task is properly carried out.
3 Reasons why IT puts us at risk
by Phil Godwin, VP of Sales, Clear Technologies
Our economic environment is still in a fragile state. Although we see signs of recovery, a majority of our customers are in the process of, and seem to be relishing, cost containment. One area that has, in recent years, impeded cost containment is data breaches.

According to a recent study, the cost per compromised customer record is $204 and the average total cost of a data breach is $6.75 million. As a result, log management, because it acts as a great first line of defense against a data breach, is a task that is constantly playing in the minds of IT and security professionals and executives. Yet, all too often, analyzing logs is seldom adequately performed. In its publication, “Guide to Computer Security Log Management”, the National Institute of Standards and Technology (NIST) identified two major problems with log management. The first problem is that of “balancing a limited quantity of log management resources with a continuous supply of log data.” The second is that of “ensuring that security, system and network administrators regularly perform efficient and effective analysis of log data.”

At one of our recent customer visits, an IT executive was sharing his ongoing frustration with log management and analysis. To complicate matters, he stated that the laws, regulations, and mandates on companies of all sizes have made analyzing logs a necessity. He shared that although his company had both the human and technology assets to perform the analysis, his team could not do so in a repetitive and timely manner, because of the difficulty in performing the task.

Despite his frustration, we probed further to find out what drives this complexity. We were surprised to learn that three factors, beyond the ones delineated by NIST, influence why log management and analysis is not performed: it is tedious, time-consuming, and too abstract to tend to.

No one likes tedious work. Most IT personnel are generalized as being task- versus people-oriented. Even so, they do not like to perform brainless tasks. Log management falls into that category, as an IT person would have to pore through reams of data and somehow correlate and weigh each security risk, which is a truly tedious task.

No time to ensure uptime; no time to prevent downtime. IT runs your operations. On any given day, they are performing multiple tasks that stretch their skills to the limit. Already overworked, one IT administrator stated that he is responsible for maintaining a service level of 98% for his 900 users, and maintaining/reviewing log data. But he is only merited based on his service level performance. Consequently, he seldom manages and reviews his logs and hopes that an incident will not bring down his system.

“NAH”. We've all heard the phrase “NIH”, not invented here. However, with IT staff, we constantly witness a belief system of “NAH”, not affected here. Because of the limited time and multiple demands placed on an IT staff, many are forced to hope and believe for the best. One IT analyst confided to us he hoped to never have a breach since a breach would bring down his contract manufacturing line and cost about $25,000 an hour in lost productivity and on-time delivery performance.

The Solution. Log data management is too important a task to be overlooked. In order to ensure adherence to laws and potential costs, IT executives must first understand, address, and resolve the human factors that inhibit this important task. A great way to help to counteract these three behavioral issues is to provide your IT staff with the right solution to their problem in order to resolve your problem.

About Clear Technologies. Since 1993, Clear’s customers have relied on them to meet their hardware needs. Today, their
customers look to them to increase their organizational effectiveness by providing continuity, infrastructure, security, and
virtualization solutions. Based in Coppell, Texas, Van can be reached at www.cleartechnologies.net/DynamicLogAnalysis or
(972) 906-7500 or pgodwin@cleartechnologies.net.