We answer your questions

Why is log management so enormously important? What are the cyber risks? What are the legal requirements for IT security?

Three important drivers for log management

Technological progress and the increasing digitalisation of business processes mean that more and more data is being collected, stored and transmitted. For companies, this not only creates exciting new opportunities, but also potential dangers, for example through the loss or misuse of highly sensitive data. This results in three important drivers for log management.

The risks to your IT security

The practical data carriers can easily get lost, and thus possibly important data can fall into the wrong hands. But also the unprotected connection to the internal company network could lead to unintentional virus transmission.

End devices such as laptops are often not encrypted or connected to the company network via inadequately secured VPN access. This creates security gaps through which unauthorised third parties can gain access to the company network and steal valuable data.

They are often introduced unnoticed by carelessly opening mails or downloads and can cause great damage in or to the entire system.

Those who rely on cloud solutions transfer a lot of responsibility to the service provider: over hardware and software and thus over the data. As a rule, one knows neither where the data is physically stored nor what happens to it in the background. Thus, there are unimagined risks with regard to the confidentiality and integrity of data, data protection, compliance and much more.

Also consider that servers can be damaged by fire or flooding, for example, and thus data can be lost or entire systems can be paralysed.

The danger of misuse of personal data is also real. For example, privileges of certain employees can be exploited to cause damage to the production process or to access sensitive data. Loss of control, blackmail and financial damage are often the result.


Cyber risks do not only come from external hackers, but also from (former) employees - consciously and unconsciously. Read the Bitkom study on this topic.


Cyber risks do not only come from external hackers, but also from (former) employees - consciously and unconsciously. Read the Bitkom study on this topic.

Possible consequences for your company:

Financial losses can result from costs for restoring data or from contractual penalties and fines. These can amount to up to 4% of the annual turnover (or up to €20 million).

Anyone who loses sensitive (customer) data must expect to lose trust in the long term. This could have existential consequences, e.g. job or company losses.

Production stoppages usually lead to problems in the entire process within the organisation and ultimately to (serious) losses in turnover.

To prevent damage in all aspects, we support you with our services comprehensively, competently and reliably.

The motto: prevent problems before they occur

Failures or security gaps can have serious consequences for society, the economy and the state, especially in the area of critical infrastructures (CRITIS). This means companies in the healthcare sector, electricity and water supply, telecommunications and the financial sector.

Precisely because of the many risks, there is growing pressure to implement precautionary measures for data security and data protection. For this reason, there is the German IT Security Act: With the goal of information security through

But other legal requirements and regulations also prescribe technical and organisational measures (TOMs) for the security and protection of data:


The European General Data Protection Regulation requires data economy, non-linkability, transparency, logging, intervenability and alerting in case of incidents.


The Federal Data Protection Act regulates the handling of personal data for information and communication systems


The Trade Secrets Act requires the protection of confidential business information (trade secrets) against unlawful acquisition and unlawful use and disclosure.

BSI IT-Grundschutz

The federal government's catalogue for identifying and combating security-related vulnerabilities.


The Corporate Sector Supervision and Transparency Act forces companies to implement a company-wide early risk detection system.


Prudential requirements for IT.


Standard for Information Security Management Systems ISMS and thus the most important cyber security certification.


Capital management regulatory requirements for IT.


Minimum requirements for risk management.


Act implementing the European Directive on ensuring a high level of network and information security.


Standard for information security in the automotive industry.


Insurance supervisory requirements for IT.

They all have one central message: secret information must be actively protected, the protection must be proven and access must be logged.


All regulations explicitly require the logging of data and thus automatically also log management.


All regulations explicitly require the logging of data and thus automatically also log management.

Simply explained: What is log data and why is it so important?

Log data, also called (event) log files or log files, are files in which computer processes log various events. Among other things, information such as user names, file paths, transmission logs, database transactions, IP addresses & timestamps are recorded.

This makes log files the most important sources of information for making processes on a system traceable . They are particularly important for problem and error analysis, reconstruction of lost data, monitoring proper operation and improving systems.

So anyone who can manipulate log files without a trace is de facto untraceable. Therefore, not only is there the greatest risk of manipulation here, but also the greatest risk of damage - both through damage to the perpetrator and through sanctions by the authorities.

That is why log management with the right tool is irreplaceable.

Log files are distributed throughout the network and written in idiosyncratic languages and formats. To ensure their legally compliant and tamper-proof management and storage, the criteria for this must be defined in a log file management strategy.

Such a strategy includes copying log files, distributing them to other systems and archiving them. Only in this way can they be used for reconstruction and analysis in the event of security incidents. With the ever-increasing amounts of data, this is becoming a real Herculean task.

That's why a comprehensive log management tool is worth its weight in gold.

An example: The flight recorder in the aircraft, the so-called black box, continuously logs all processes in the aircraft's system. Based on the logged data, incidents can be analysed and reconstructed afterwards.

In the IT infrastructure, the flight recorder is called ProLog.

ProLog combines the three most important drivers for log management.

IT audit

Numerous laws (see above) prescribe which requirements a company has to fulfil in terms of IT security. With ProLog, we offer our customers a cross-sector solution that already includes audit-proof reporting packages and thus covers all legal requirements.

IT security

With ProLog, your IT becomes even more secure. Thanks to suitable filters & alarms, you are notified of certain activities. And through regular reports you can get information about possible weak points in the system.

IT operations

ProLog enables you to get a quick and easy overview of processes in your IT. This allows you to optimise processes such as the handling of problems or support requests.

We help to ensure optimal IT security in your company. So that you can look forward to the next IT audit with confidence.