When it comes to network security, be proactive. Do not wait for compliance regulation or statutory government legislation.
But once a regulatory body in your domain formulates compliance acts, you should ensure that your network is secure and compliant with the regulatory act. This will also instill confidence in your customers that you are following standard practices to keep your network secure.
At the next level, if a national government promulgates a law to counter computer-related offenses and you operate in that country, you have to abide by the act. Failing to do so will attract penal action and punishment.
One such example is the ‘Computer Crime Act B.E. 2550 (2007)’ of the Thailand government.
Enterprises with computer networks and service providers should scout for a Security Information Management (SIM) solution which fulfills the requirements of the government act.
The SIM solution application should:
- be easy to use
- install on any platform
- be accessible from anywhere (that is, web-based)
- require minimum manual intervention to operate
- collect the security information (logs) from a central location
- not require an agent
- collect information from heterogeneous devices
- analyse, normalise, and aggregate the log information
- provide multi-format, canned, customisable, scheduled, and distributable reports
- generate alerts for anomalous and specific log information
- send alert notifications by email or other means
- archive log information flexibly to suit the requirements of the government act
- import log information from an archive or from any other system that is not monitored by the application
- analyse and generate reports for imported log information
- provide an exhaustive search feature to cater for the forensic analysis requirements of the government act
- above all, not pinch your pocket
Wondering whether such a SIM solution is available? Give ManageEngine EventLog Analyzer a try.