GOOD TO KNOW

We answer your questions

Why is log management so enormously important? What are the cyber risks? What are the legal requirements for IT security?

Three important drivers for log management

Technological progress and the increasing digitalisation of business processes mean that more and more data is being collected, stored and transmitted. For companies, this not only creates exciting new opportunities, but also potential dangers, for example through the loss or misuse of highly sensitive data. This results in three important drivers for log management.

The risks to your IT security

Handy portable storage media can easily get lost, so important data may fall into the wrong hands. Connecting them unprotected to the internal company network can also lead to unintentional virus transmission.

End devices such as laptops are often not encrypted, or they are connected to the company network via inadequately secured VPN access. This creates security gaps through which unauthorised third parties can gain access to the company network and steal valuable data.

Malware is often introduced unnoticed when e-mails or downloads are opened carelessly, and it can cause great damage to parts of the system or to the entire system.

Those who rely on cloud solutions transfer a lot of responsibility to the service provider: for hardware and software, and thus for the data. As a rule, customers know neither where the data is physically stored nor what happens to it in the background. This creates unforeseen risks with regard to the confidentiality and integrity of data, data protection, compliance and much more.

Also consider that servers can be damaged by fire or flooding, for example, and thus data can be lost or entire systems can be paralysed.

The danger of misuse of personal data is also real. For example, privileges of certain employees can be exploited to cause damage to the production process or to access sensitive data. Loss of control, blackmail and financial damage are often the result.

Interesting

Cyber risks do not only come from external hackers, but also from (former) employees - consciously and unconsciously. Read the Bitkom study on this topic.

Possible consequences for your company:

Financial losses can result from costs for restoring data or from contractual penalties and fines. These can amount to up to 4% of the annual turnover (or up to €20 million).

Anyone who loses sensitive (customer) data must expect to lose trust in the long term. This could have existential consequences, e.g. job or company losses.

Production stoppages usually lead to problems in the entire process within the organisation and ultimately to (serious) losses in turnover.

To prevent damage in all aspects, we support you with our services comprehensively, competently and reliably.

The motto: prevent problems before they occur

Failures or security gaps can have serious consequences for society, the economy and the state, especially in the area of critical infrastructures (CRITIS). This means companies in the healthcare sector, electricity and water supply, telecommunications and the financial sector.

Precisely because of the many risks, there is growing pressure to implement precautionary measures for data security and data protection. For this reason, there is the German IT Security Act: With the goal of information security through

But other legal requirements and regulations also prescribe technical and organisational measures (TOMs) for the security and protection of data:

EU-DSGVO

The European General Data Protection Regulation requires data economy, non-linkability, transparency, logging, intervenability and alerting in case of incidents.

BDSG

The Federal Data Protection Act regulates the handling of personal data for information and communication systems.

GeschGehG

The Trade Secrets Act requires the protection of confidential business information (trade secrets) against unlawful acquisition and unlawful use and disclosure.

BSI IT-Grundschutz

The federal government's catalogue for identifying and combating security-related vulnerabilities.

KonTraG

The Corporate Sector Supervision and Transparency Act forces companies to implement a company-wide early risk detection system.

BAIT

Prudential requirements for IT.

ISO27001

Standard for Information Security Management Systems (ISMS) and thus the most important cyber security certification.

KAIT

Capital management regulatory requirements for IT.

MaRisk

Minimum requirements for risk management.

NIS

Act implementing the European Directive on ensuring a high level of network and information security.

TISAX

Standard for information security in the automotive industry.

VAIT

Insurance supervisory requirements for IT.

They all have one central message: secret information must be actively protected, the protection must be proven and access must be logged.

Conclusion

All regulations explicitly require the logging of data and thus automatically also log management.

Simply explained: What is log data and why is it so important?

Log data, also called log files or event logs, are files in which computer processes record various events. Among other things, they capture information such as user names, file paths, transmission logs, database transactions, IP addresses and timestamps.

This makes log files the most important source of information for making processes on a system traceable. They are particularly important for problem and error analysis, reconstruction of lost data, monitoring proper operation and improving systems.

So anyone who can manipulate log files without a trace is de facto untraceable. This is therefore where the greatest risk of manipulation lies, and also the greatest risk of damage: both the damage caused by the perpetrator and sanctions imposed by the authorities.

That is why log management with the right tool is irreplaceable.

Log files are distributed throughout the network and written in system-specific languages and formats. To ensure that they are managed and stored in a legally compliant and tamper-proof manner, the criteria for this must be defined in a log file management strategy.

Such a strategy includes copying log files, distributing them to other systems and archiving them. Only in this way can they be used for reconstruction and analysis in the event of security incidents. With the ever-increasing amounts of data, this is becoming a real Herculean task.

That's why a comprehensive log management tool is worth its weight in gold.

An example: The flight recorder in the aircraft, the so-called black box, continuously logs all processes in the aircraft's system. Based on the logged data, incidents can be analysed and reconstructed afterwards.

In the IT infrastructure, the flight recorder is called ProLog.

ProLog combines the three most important drivers for log management.

IT audit

Numerous laws (see above) prescribe which requirements a company has to fulfil in terms of IT security. With ProLog, we offer our customers a cross-sector solution that already includes audit-proof reporting packages and thus covers all legal requirements.

IT security

With ProLog, your IT becomes even more secure. Thanks to suitable filters & alarms, you are notified of certain activities. And through regular reports you can get information about possible weak points in the system.

IT operations

ProLog enables you to get a quick and easy overview of processes in your IT. This allows you to optimise processes such as the handling of problems or support requests.

We help to ensure optimal IT security in your company. So that you can look forward to the next IT audit with confidence.
