20 for 2020: Know What’s Knowable

(Maintenance, Monitoring and Analysis of Audit Logs)

Originally from David’s LinkedIn:

Ch 6 of Tetra Defense’s #20for2020: “Know What’s Knowable”

Up next we tackle the “Maintenance, Monitoring and Analysis of Audit Logs”

The major systems you use to run your business (Windows, Microsoft Office, etc.) give you the option to enable a critical information security feature: audit logs. These logs keep a detailed record of things like who accessed your systems, when they accessed them, where they accessed them from, and what someone did once they had access.

A basic tenet of cybersecurity is that it’s not if you’ll get breached, it’s when. That means you have to plan for a possible attack.

Nothing gives you a clearer view into what a hacker did once they got into your system than detailed logs. And if reviewed regularly, they can help you detect the presence of a hacker within your network sooner.

Having these audit logs enabled can also help you avoid a major privacy liability issue (something your cyberinsurance carrier will be happy to hear). If you have logs enabled, you have a better chance of saying decisively whether or not a hacker accessed private information.

Logs are not automatically enabled, though; your IT administrator needs to enable them if you hope to benefit from them.
