Log management is an often overlooked function of any IT organization. On one hand it is a very simple thing, however when implemented, you may find yourself overwhelmed in a plethora of details and related problems and can inevitably lead many to just drop the implementation – with the thought – we may not need it, everything is working on its own.
In addition to a great stash of valuable information, visibility, capabilities for additional alerting, predictions, forensic and behavior analysis, log management is one of the areas of control for multiple compliance and regulatory frameworks.
Relevance to Laws and Regulations: There are multiple compliance regulations related to log management. It is the law to log and review.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant technical and non-technical security standards to ensure individuals’ ePHI, “electronic protected health information”.
The PCI DSS was created to encourage and enhance cardholder data security and facilitate the extensive adoption of consistent data security measures worldwide. This applies to all organizations that store, process, and/or transmit cardholder data.
SOX requires that all publicly traded companies establish and follow a framework of internal controls that support accountability and integrity of the financial reporting process. A vital part of SOX requirements includes the collection, management, and analysis of log data.
The ISO 27001 standard is a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving management systems information security (ISMS) within the context of the overall commercial risks of the organization.
FISMA requires all federal agencies to document and implement controls for information technology systems that support their operations and assets.
HMG organizations are required to follow Protective Monitoring for HMG ICT Systems, based on Communications-Electronic Security Group’s GPG 13 to gain access to UK GCSX, Government Connect Secure Extranet.
NERC has its own framework to protect bulk power systems against cyber security compromises that could result in operational failures or instability.
GLBA, also known as the Financial Modernization Act of 1999, was enacted to secure protection over customer records and information.
201 CMR 17.00
The Massachusetts General Law Chapter 93H regulation 201 CMR 17.00 was established to protect personal information of residents of the Commonwealth of Massachusetts. This regulation applies to all organizations, companies, or persons that own or license personal information about Massachusetts residents.
Since IT environments can generate millions of logs daily, DoDI 8500.2 has recommendations of analyzing and reporting on log data can reduce manual or homegrown remedies that are inadequate and cost prohibitive.
NIST-CSF sets information security standards and guidelines for serious infrastructure as defined within the Executive Order 13636 from the President of the United States of America.
NIST 800-53 produces information security standards and guidelines for federal information systems.
NRC RG 5.71
In the Code of Federal Regulations, Section 73.54, Title 10 it is required that the NRC licensees provide high assurance that digital computer and communication systems and networks are sufficiently protected against cyber-attacks.
NEI 08-09 Rev 6
The NEI developed and published the NEW 08-09 Rev 6 to address many areas surrounding access control, audit and accountability, incident response, and system and information integrity. This is an extension of CFR 73.54.
Digital Edge is proud to introduce our new and latest product LogIT. Log Management will allow us to assist our clients uncover the value of something that already exists, but is not visible in their information technology environment's plethora of valuable information. Digital Edge ensures that our clients will get the most out of their application, system, and security logs. Besides collecting and storing logs, LogIT will help expose the full use of logs and machine data for network protection and compliance.
Digital Edge provides enterprise ELK Log Management Solution, cloud based or on premises. We stand out from our competitors for multiple reasons – including that we do not limit retention period and we don't have restrictions for value or speed for log streams. Additionally, we customize dashboards for our clients individual needs and expose our services to clients over VPNs of private cross-connects in data centers that we support. On top of all that, Digital Edge's LogIT can provide an unparalleled solution in today's IT Landscape.
Through sensors, Digital Edge captures all possible information generated in any device, application, and security event. We ensure security by staying alert on any security alert generated by any infrastructure device or application, along with collecting valuable forensic information. LogIT also provides a combination of structured and unstructured search built on our Elasticsearch backend. Unstructured search provides a Google-like experience while our MDI fabric enables contextual search when greater precision is required. Our search builder allows you to easily realize the best of both worlds instantly.
Click the link https://www.digitaledge.net/log-management-assessment-tool/ to assess your log management needs and budget. For further information please feel free to contact us.