[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

logging and monitoring policy

Posted on 2011-10-25
4
Medium Priority
?
271 Views
Last Modified: 2013-12-06
What types of user activity do you log and monitor in your companies?

Email usage and internet usage are 2 common ones.

Do you monitor anything above and beyond? If so can you provide details and the business benefits such monitoring brings?
0
Comment
Question by:pma111
  • 2
  • 2
4 Comments
 
LVL 4

Expert Comment

by:gwickert
ID: 37024246
Depends largely on the environment.

In  bank for example you would monitor basically every bit of activity, check who is logging in where and for how long, at what times etc - however in a small to medium office environment this would be overkill.

However to name a few, I would be keeping track of file store use, file access to some degree, also if possible network utilization as a whole, not just http traffic, as you may have heavy users of voip, torrenters, etc, that would be good to keep an eye on.

In the end I think it relly needs to be decided on a case by case basis - except for the obvious ones which you have already stated.
0
 
LVL 3

Author Comment

by:pma111
ID: 37030390
Thanks for the reply. Appreciate it. How do you mean file store use? And for file access are we referring to docs on file servers in the domain?

0
 
LVL 3

Author Comment

by:pma111
ID: 37030397
What would heavy voip usage show is this misuse of the phone? Or something more?
0
 
LVL 4

Accepted Solution

by:
gwickert earned 2000 total points
ID: 37089887
Sorry for the late reply here, but by file storage I mean, for example:
You may have mapped drives for each user mapped to the server to give you a single point of backup - I would monitor usage of those shares (and others that users deposit files to on the server) to ensure they don't get cluttered with junk.

Secondly, yes I'm talking about word documents, databases etc etc.  Eg, you may want to monitor attempted access to secure files - such as an MYOB database that should ONLY be accessed by authorized users.  If you saw the receptionist trying to open the MYOB file, this should raise alarms.

Well it depends on if you are talking about skype voip, or an actual business grade VOIP system with physical handsets.  If people are using skype heaps to talk to relatives (for example) on company time, using company resources (internet) then that would be a no no that would want to control.  If it's a business grade voip solution, then you would have to check over logs to see where calls are going, if it just so happens someone had to heavily use the system to make business calls, then so be it.

Glen
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
An overview of cyber security, cyber crime, and personal protection against hackers. Includes a brief summary of the Equifax breach and why everyone should be aware of it. Other subjects include: how cyber security has failed to advance with technol…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question