logging and monitoring policy

Posted on 2011-10-25
Last Modified: 2013-12-06
What types of user activity do you log and monitor in your companies?

Email usage and internet usage are 2 common ones.

Do you monitor anything above and beyond? If so can you provide details and the business benefits such monitoring brings?
Question by:pma111
    LVL 4

    Expert Comment

    Depends largely on the environment.

    In  bank for example you would monitor basically every bit of activity, check who is logging in where and for how long, at what times etc - however in a small to medium office environment this would be overkill.

    However to name a few, I would be keeping track of file store use, file access to some degree, also if possible network utilization as a whole, not just http traffic, as you may have heavy users of voip, torrenters, etc, that would be good to keep an eye on.

    In the end I think it relly needs to be decided on a case by case basis - except for the obvious ones which you have already stated.
    LVL 3

    Author Comment

    Thanks for the reply. Appreciate it. How do you mean file store use? And for file access are we referring to docs on file servers in the domain?

    LVL 3

    Author Comment

    What would heavy voip usage show is this misuse of the phone? Or something more?
    LVL 4

    Accepted Solution

    Sorry for the late reply here, but by file storage I mean, for example:
    You may have mapped drives for each user mapped to the server to give you a single point of backup - I would monitor usage of those shares (and others that users deposit files to on the server) to ensure they don't get cluttered with junk.

    Secondly, yes I'm talking about word documents, databases etc etc.  Eg, you may want to monitor attempted access to secure files - such as an MYOB database that should ONLY be accessed by authorized users.  If you saw the receptionist trying to open the MYOB file, this should raise alarms.

    Well it depends on if you are talking about skype voip, or an actual business grade VOIP system with physical handsets.  If people are using skype heaps to talk to relatives (for example) on company time, using company resources (internet) then that would be a no no that would want to control.  If it's a business grade voip solution, then you would have to check over logs to see where calls are going, if it just so happens someone had to heavily use the system to make business calls, then so be it.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now