Tuesday, September 26, 2006

Logging AS a Privacy Risk? Discussion Ensued :-)

So, some responses to my post on auditing all access are in. Rich Mogul brings an interesting and useful distinction that I totally, unquestionably missed :-)

He seems to agree when when we talk about corporate, work-related resource access. However, in his view, logging "everything" is not so kosher when dealing with "personal life." Upon thinking about it, I tend to agree that there is some truth in that, but, at the same time, it is often very hard to separate between the two: your personal life might be somebody else's business - e.g. your ISPs, Google's, whatever website you visit ... after all you do access their corporate resources (even if public)

The discussion also diverged (also here) towards "do we have a right for privacy?", in Constitution or elsewhere.

And , come on, Mike, what's up with that :-) (quote): "Anton works for a log management vendor, so it's no surprise that he thinks logging is cool everywhere"? I happen to genuinely think that, even when my marketing hat is off ...

Dr Anton Chuvakin