Home > Ask the Security Experts > Expert Archive: Security Management Questions & Answers > What are the best business practices for Unix audit settings?
Ask The Security Expert: Questions & Answers
EMAIL THIS

What are the best business practices for Unix audit settings?

Mike Rothman, past SearchSecurity.com expert EXPERT RESPONSE FROM: Mike Rothman, past SearchSecurity.com expert

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 04 July 2008
What are the best business practices for Unix audit settings? A vendor is trying to convince me that Unix syslogs are sufficient to meet regulatory requirements for SOX, HIPAA, GLBA and PCI DSS. Is this correct?

>
There is no easy answer to that question. It all depends on the data in need of protection. If there is no sensitive data on those Unix servers, then I suspect that syslog data will meet all the regulations.

Proper audit and logging requirements are defined by the data itself, but I would focus less on the audit requirements and more on the investigative requirements. If the data is compromised, the next step will be to analyze the situation forensically, draw some conclusions and hopefully prosecute the perpetrators.

If the data coming out of syslog is sufficient to investigate an incident -- and it's stored in a way that will stand up in court -- then I have a hard time believing it wouldn't satisfy an auditor.

More information:

BROWSE BY TAG
Expert Archive: Security Management,   Security Audit, Compliance and Standards,   IT Security Audits,   Operating System Security,   Alternative OS security: Mac, Linux, Unix, etc.,   Application and Platform Security,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Expert Archive: Security Management
What is the GISP certification and how does it compare to the CISSP certification?
Using a QSA to write up a PCI DSS report on compliance (ROC)
How can gap analysis be applied to the security SDLC?
Comparing cheap security products and appliances to costly appliances
What are some tips on protecting my security budget in a poor economy?
What value do research firms provide to their subscribing enterprises?
What certificate offers the best ROI for an IT project manager?
Is insider activity or outsider activity a bigger enterprise threat?
How does information security prevent fraud in the enterprise?
Differences between an SAS 70 data center and a Tier III data center

IT Security Audits
Standards compliance does not equal sound information security risk management
Tony Spinelli: Prioritize Information Security over Compliance
How to prepare for a FERPA audit
MasterCard increases PCI compliance requirements for some merchants
How to select a set of network security audit guidelines
How to write a risk methodology that blends business, security needs
PCI compliance requirement 11: Testing
Using IAM tools to improve compliance
Forensic accounting success depends on information security support
HIPAA compliance: New regulations change the game

Alternative OS security: Mac, Linux, Unix, etc.
Machiavelli Mac OS X rootkit unveiled at Black Hat
How secure is 'Platform as a Service (PaaS)?'
Security comparison: Mac OS X vs. Windows
Mac OS memory flaws pose challenges for enterprise endpoint protection
Rootkit Hunter demo: Detect and remove Linux rootkits
Oracle to buy Sun Microsystems for $7.4 billion
How to harden Linux operating systems
Serious holes in Mac OS X memory, researcher shows
What is the best operating system for an FTP server implementation?
Black Hat DC 2009: Mac OS attack method
Alternative OS security: Mac, Linux, Unix, etc. Research

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
trusted computing  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
Browse our Expert Advice



Find Security Solutions for Your Business
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts