How much effort should be put toward encrypting security log transmissions to protect data confidentiality? We're concerned about the overhead that encryption may impose on our systems.
Your question gets the honor of receiving my favorite answer to security questions: It depends! There really isn't a cut-and-dry answer to whether
should be used for log traffic (or any other traffic, for that matter). You need to ask yourself a few questions:
What data is contained in the log files?
Do they contain confidential information?
Do they contain data that would assist someone attempting to compromise your system?
Where is the transmission taking place? Is it on a secured internal network, or are the logs being sent over a public network?
If you're dealing with extremely confidential logs or ones that traverse public networks, encryption is most likely worth the expense. Otherwise, it may not be necessary.
Look before leaping into database encryption.
Take the pain out of log analysis.
Dig Deeper on Disk and file encryption tools
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ...
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ...
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ...