Nearly every business has a web application or a mobile application to allow a rich customer experience or provide employee workplace flexibility. Customers and employees can use these tools from any device, anywhere on the planet to interface with your most sensitive data. Most of the critical information a business deals with today is accessible via the internet in one fashion or another.
Just 10 years ago, most of this data was locked up in a data center surrounded by firewalls, barbed wire fencing and security guards. You had to be physically present to access it. Today, however, this isn’t the case. We’ve greatly expanded the availability of this data. And that’s a good thing. It has enabled an entirely new way to do business. It has fostered innovation and flexibility.
One thing that hasn’t changed with the times is how we log activity in this new and ever expanding world of access. These web applications and mobile applications in many cases don’t keep sufficient records of authentication successes and failures, data that was accessed, changes made to configurations or data, abnormal input, excessive report requests and similar activity.
This information is extremely necessary. Previously, security of data was ensured by securing the physical location and the infrastructure the data was stored or processed on. Now, that infrastructure is largely an unknown entity. Data owners have no idea if the infrastructure their data is being accessed from is secure or not. This makes tracking access to the data that much more important. Understanding how data is being accessed, from where, by whom and how it is being used must be the new information security model.
Application event logging must become more robust in order to identify the threats against the data from sources no longer under your control. You can’t rely on anti-virus tools to protect data on systems you don’t own. Data owners need to track and monitor data security more than ever before. As with all event monitoring, don’t just look at this as a security tool though. Think about the operational intelligence you can get from understanding more about usage trends in general. Knowing when data is being accessed the most, from what location, language and device type could provide insight into new market opportunities you never knew existed.
Information security event logs are critical for ensuring the confidentiality, integrity and availability of critical systems and data. However, when big data techniques are applied to this data, a whole new wealth of knowledge can be gained to help drive your business further.Read more on event log monitoring