« August 2008 | Main | November 2008 »
BriefingsDirect Transcripts: Systems Log Analytics Offers Operators Valued Performance Insights While Setting Stage for IT Transformation Benefits
Despite growing complexity, IT organizations need to reduce operations costs, increase security and provide more insight, clarity, and transparency across multiple IT systems -- even virtualized systems. A number of new tools and approaches are available for gaining contextual information and visibility into what goes on within IT infrastructure.
IT systems information gushes forth from an increasing variety of devices, as well as networks, databases, and lots of physical and virtual servers and blades. Putting this information all in one place, to be analyzed and exploited, far outweighs manual, often paper-based examination. The automated log forensics solutions that capture all the available systems information and aggregate and centralize that information are becoming essential to efficient IT management.
To learn more about systems logs analytics, Dana Gardner recently moderated a sponsored BriefingsDirect panel discussion podcast with Pat Sueltz, the CEO at LogLogic; Jian Zhen, senior director of product management at LogLogic, and Pete Boergermann, technical support manager at Citizens & Northern Bank.
Listen to the podcast. Download the podcast. Find it on iTunes/iPod.
Read a full transcript of the discussion.
Posted September 14, 2008 in Log Management & Intelligence , Project Lasso | Permalink | TrackBack (0)
« August 2008 | Main | November 2008 »
Logging Poll #9 Analysis: Log Protection and Security
This is the analysis of my last poll; the responses are here and also below.
First, the most obvious conclusion: people still don't care much about log security; I am saying that since this was BY FAR the least popular of my polls. Only 24 people responded, so everything below is pretty unscientific. A good way to explain it: look at the recent media? Do these people care about their key business data and their customer data security? Nope. So, how do we make them care about securing their log data?
Second, it is entirely unsurprising that 83% of respondents want "Authenticated access to log server." In fact, I'd opine that 100% of people want authenticated access to any of their servers :-) But, this was my "red herring" to set the baseline for the rest of the questions...
However, this is where the buck stops: other security measures are notably less popular.
Third, "Logging all access to logs" is my favorite and I am happy to see it reported as popular. But do people really do it? Do you log access to log server OR log access to actual logs? Think about it... I suspect a lot of people who do the latter still answered "yes" to this question. So, does your system allow you to log all access to log data? If not, get LogLogic! :-)
Fourth, "Reliable / acknowledged network transfer of log data" and "Encryption of log data in transit " are two true "no-brainer" security features; they took the next spot at 45% and 50% of those who answered. They are simple, they are easy, they make sense - and, obviously, they don't make logs entirely secure so you need to do more. Why only 50%? Where is THE OTHER 50%?!
Fifth, "all things crypto" are below 40%. "Cryptographic hashing of stored logs", "Cryptographic signing of stored log data" and "Encryption of stored log data" all hover at around 30%. I attribute them to general disregard of log security AND reliance on "system security" (separate server, etc) over "data security" measures for log protection.
Finally, I am embarrassed to admit that I missed the obvious security measure: "Separate server for logging, not accessible from the Internet." Happily, one of my readers added this using "Other security measures" choice. Indeed, this is a good point - and a good idea to do it. Another option mentioned there was "Destroy old logs." Indeed, it helps log security by preventing unauthorized access to logs.
Possibly related posts:
Posted September 05, 2008 in Innovation , Log Management & Intelligence , Risk Management , Security | Permalink | TrackBack (0)
November 2008
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 |
Categories
Archives
- November 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005