Q

Should log traffic be encrypted?

Should you be encrypting your security log transmissions? "It depends!" explains Mike Chapple in this SearchSecurity.com expert Q&A.

How much effort should be put toward encrypting security log transmissions to protect data confidentiality? We're concerned about the overhead that encryption may impose on our systems.
Your question gets the honor of receiving my favorite answer to security questions: It depends! There really isn't a cut-and-dry answer to whether encryption should be used for log traffic (or any other traffic, for that matter). You need to ask yourself a few questions:

  • What data is contained in the log files?
  • Do they contain confidential information?
  • Do they contain data that would assist someone attempting to compromise your system?
  • Where is the transmission taking place? Is it on a secured internal network, or are the logs being sent over a public network?
  • If you're dealing with extremely confidential logs or ones that traverse public networks, encryption is most likely worth the expense. Otherwise, it may not be necessary.

    More information:

  • Look before leaping into database encryption.
  • Take the pain out of log analysis.
  • This was first published in December 2006

    Dig deeper on Disk Encryption and File Encryption

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close