Search

1 to 4 of 4
Sort by

Blog Entry
Beyond Audit Trails

SharePoint includes a robust auditing capability, but audit trails only show that items are accessed or edited, when that occurred and by whom. Audit trails do not show why items were edited, and that might become important

Daniel Antion's profile image

Blog Entry
Why the RMA is DEAD

The benefit to the organization is that they now have a full audit trail of each business transaction that can be used for legal discovery, litigation holds, audits, and more

Mark Mandel's profile image


Blog Entry
What Do You Do with Audit and Event Logs?

: Logging security related events, used to identify and track external or internal attacks - Information Security Real time intrusion detection logs – Information Security Recording changes made to a system in a log – Change management The creation of an audit trail down to key stroke level – Investigations / Forensics Identifying policy violations – Information Security Optimising system and network performance – Information Technology Identifying operational trends and long term problems - Information Technology The picture doesn’t get any clearer when, as you trawl through the Internet looking for that compelling piece of guidance, law or regulation you constantly return the well meaning commentary, which I broadly paraphrase: developing specific recommendations is very difficult because there is no consensus retain activity logs for 3 to 7 years logs are required to be retained for SOX purposes retain as required by local law or regulation…… … you don’t say… But one thing is clear, amongst the myriad of descriptions and purposes attributed to computer generated logs, there is consensus on a few things across the technology industry: Logs are important – you only need to consider what they could prove or disprove They are big and getting bigger – the logs have a huge propensity to consume storage Some uses are well defined – Information Security for instance Others are less so – for instance the real potential to evidence management control So what is the answer… these logs started out for administrative purposes but are gradually (well, as gradually as the poles are melting) morphing into something else; something far more challenging and interesting to the Records Manager

Roger Poole's profile image