Legal and regulatory compliance with event log monitoring

Regulatory agencies and public auditors require tools to follow audit trails back in time. For any number of reasons including but not limited to company exposure to lawsuit; eDiscovery requests stemming from user impropriety; contractual disputes and compliance with government and agency regulaitons, your small to medium business may need to produce a trail of specific events from the past.

A recent survey carried out by SANS Institute found that 44% of system administrators do not keep logs more than one month. With regulatory and government agency requirements citing log retention periods of sometimes three to seven years, this could be a big problem, just waiting to happen.

Regulatory bodies and acts such as Basel II, PCI Data Security Standard, Sarbanes-Oxley Act, Gramm-Leach-Billey Act, HIPAA, FISMA, USA Patriot Act, Turnbull Guidance 1999, UK Data Protection Act, EU DPD; all require event retention. Many also require event review, for instance NIST recommend a log review at least twice a week. Event logs are the primary source to determine level of compliance and identify deficiencies.

In-depth regulatory compliance reference material

Refer to our specialized material to learn more about the different requirements posed by different regulatory bodies:

• What are the Sarbanes-Oxley act legal requirements for security auditing?

Why use GFI EventsManager™ to meet Legal and regulatory compliance?

• Save money from legal compliance penalties
• Automatically archive unaltered logs in one central database that is easy to manage
• Generate reports from event logs to ensure that network resources are being used appropriately.