Yeah, I know, not too technical, but still fun - my paper "Log management in the age of compliance" on ComputerWorld: "In my previous article, I described the way in which three regulations (FISMA, HIPAA and PCI-DSS) affect incident response processes. This triumvirate also affects log management, since they [A.C. - these and other regulations] call for enabling logging as well as for log review."
A quote: "The major effect the age of compliance has had on log management is to turn it into a requirement rather than just a recommendation, and this change is certainly to the advantage of any organization subject to these regulations. It is easy to see why log collection and management is important, and the explicit inclusion of log management activities in major regulations like FISMA, HIPAA and PCI-DSS highlights how key it truly is to enterprise security as well as broader risk management needs."
In other words, if you didn't implement log management, because of the obvious value you can get out of it, now you'd do it 'cause the auditor will get you otherwise :-)
Monday, July 16, 2007
Dr Anton Chuvakin
