It’s usually assumed that when a user says “but I have a secure password,” they don’t; however, a lack of security isn’t always due to a lack of knowledge. With increasingly large and complex IT environments, it’s becoming more and more difficult to keep up with securing all the components. Of particular interest: what about ensuring that your logs and audit trails themselves are secure? This is what I will be focusing on, in particular how to:
As with all things, part of the “recovery” in “disaster recovery” involves a healthy dose of humor to learn and move past mistakes. As I cover the central requirements for secure logging, I’ll also use experience to show how to handle changes in security requirements iteratively.