Well, in today’s post it is all about the logging. In a future post it will be all about the alerting.
Sensitive data. What is it?
While there are some obvious types of data that should be considered sensitive (bank account information, social security numbers, dates of birth, private health records), most companies are expanding that population of classified sensitive data to include financial information, intellectual property records and other designated data that would represent a risk if exposed.
Sensitive data is typically managed and stored in applications. In our new connected world, users are connecting to those applications from a variety of devices that may or may not be inside the corporate network. And they are typically connecting via a web browser, literally the most common application available in our internet-driven world.
Bottom line, those applications are now open to a much larger population of users. They are also exposed to any potential bad actor with a web browser.
And adding to the challenge, many of those applications that house sensitive data were designed and deployed back in the pre-internet days, when access was limited to a few select individuals behind the walls of the corporate network. Security controls back then didn’t account for opening those applications to the world.
But the end goal hasn’t changed. Data needs to be protected. Sensitive data really, really needs to be protected.
The key to protecting that population of sensitive data is applying controls that limit access to that data to only those individuals who need to see it, and only when they need to see it.
The question becomes, how do you monitor the effectiveness of those controls? And how do you respond in a timely manner when those controls are subverted or bypassed?
This is where effective logging comes into play. And by effective, I mean comprehensive and tailored to formats that enable easy searching and investigation.
Let’s focus on access activity logging. What are some key components of an effective application access logging strategy?
Introducing an effective logging framework is a key component in an application security strategy. It is especially critical when dealing with legacy applications where the built-in logging capabilities are limited and not very configurable.
Reach out to firstname.lastname@example.org and let us show you how Appsian can help bolster your application logging capabilities.