IrontouchMS provides comprehensive log monitoring and management services that are critical components of an effective security program. As with all IrontouchMS security services, logging isn't all or nothing. Organizations select the level of service required (monitoring and management, monitoring only, or on-demand) for only those platforms (applications, servers, endpoints) identified as critical.
For many, logging requirements are driven by compliance:
- PCI DSS requires daily log monitoring and analysis:
  - Establish a process for linking all access to system components, especially access done with administrative privileges such as root, to each individual user
  - Implement automated audit trails for all system components to reconstruct events
  - Synchronize all critical system clocks and times
  - Secure audit trails so they cannot be altered
  - Review logs for all system components at least once a day
  - Retain audit trail history for at least one year with a minimum of three months available online.
- GLBA (Gramm-Leach-Bliley Act):
  - Detecting, preventing and responding to attacks, intrusions or other system failures
  - Design and implement information safeguards to control the risks you identify through risk and security assessments, and regularly test or otherwise monitor the effectiveness of your key controls, systems and procedures.
- Sarbanes-Oxley 404:
  - State the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting
- HIPAA:
  - Implement procedures to regularly review records of information system activity, such as audit logs, access reports and security incident tracking reports
  - Implement policies and procedures that establish, document, review and modify a user's right of access to a workstation, transaction, program or process
  - Identify and respond to suspected or known security incidents and document security incidents and their outcomes
  - Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain health information.
There is a lot to think about when considering outsourcing the vast amounts of proprietary security information that logs produce. IrontouchMS has thought about it for you:
- 24 x 7 monitoring and management, or monitoring only, including verification of alerts and real-time response by SOC security experts.
- On-demand monitoring of critical devices as defined by the user.
- Advanced threat detection achieved using multiple algorithms and non-filtered log analysis over multiple time windows to identify immediate threats and harder-to-detect slow attacks.
- Trending and analysis enable organizations to review current security status, analyze trends, and improve security performance over time.
- Global trending capabilities ensure advance knowledge of what others have experienced that could ultimately impact your organization.
- Portal access for auditors to view reports created (including create date, review date, sign-off date) and ticketing audit trails. The audit activities themselves are tracked as part of the overall evidentiary process.
- Forensic access for timely investigation in the event of a compromise
- Report generation in real time for proof of compliance
