This article can also be found in the Premium Editorial Download "Information Security magazine: Tips from the 2007 Security 7 Awards."
Download it now to read this article plus other related content.
Increasingly, however, IT administrators are under pressure to get a handle on their logging practices and manage log data. Regulations such as SOX and HIPAA require some type of audit trail, making log management critical for demonstrating compliance, while the Payment Card Industry (PCI) Data Security Standard specifically calls out the need for log review. Also, the latest changes to the Federal Rules of Civil Procedure (FRCP) require better log collection for legal evidence.
"We have seen a shift in the market toward regulatory and government-based standards to drive purchases of log management systems," says Chris Pick, vice president of products and marketing for NetIQ.
Part of the challenge is the need to look at logging from an enterprise perspective, and move toward having a common and centralized repository for all logging data.
The ultimate goal is to have this single repository used for a variety of purposes, from satisfying auditors and responding to
"Logging standards and practices typically do not exist across an organization, and they are difficult to enforce even if they do exist," says Jay Leek, manager of corporate IT security services at Nokia.
This was first published in October 2007