Log Management - How to Develop the Right Strategy for Business and Compliance

13 October 2009
Download Type: Adobe PDF

From compliance requirements to data gathering for forensic purposes, companies have opened up the floodgates to log data. Based on audit findings and internal investigations, they have deployed expensive technologies and lots of personnel without a full understanding of what to log and why. Companies and organizations need a log management strategy that combines requirements from auditors with a process for the security team based on risk to gain better visibility into log data.

With a five-step process, this white paper will provide the reader with guidance on developing a strategic approach to managing and monitoring logs that enables more efficient compliance with regulatory mandates and more effective defense against security threats:

1. Identify the key drivers for log management at your company.
2. Identify the systems and applications that fall into the scope of monitoring efforts.
3. Determine log monitoring security and retention requirements.
4. Determine what types of events and transactions require monitoring.
5. Define review and response requirements for detection and prevention.  

A business-focused log management strategy matrix helps guide decisions about technology, processes and services, instead of the reverse. The result is better compliance with information security regulations through more focused collection and retention of data, and audit trail proof of review and response.