More to Regulatory Acts than Logs

Whether you are simply improving your IT security or complying with a regulatory act, documentation is key. Before putting any security in place, proper planning with supporting documentation is required. This will ensure that you acquire the proper tools and hire the appropriate personnel, and it will give you peace of mind in the end.

A written plan covering every aspect of your security and the auditing processes is required. This helps ensure all areas are covered and supports the development of contingency plans. It must state who is responsible for every aspect. The reports generated from the log files will then support your documentation.

IT World developed a list of the top 10 ways to fail your audit:

  1. Overly complex password policies. If passwords are too difficult to remember, employees will write them down or share passwords. Keep this in mind when developing your policy.
  2. Relying on one person for access to all systems. Most regulatory acts require that access to systems is divided so that one individual cannot control the entire IT network. Ensure that passwords for servers, etc. are written down and placed under lock and key.
  3. Focusing only on perimeter security. Security must exist throughout the organization, ensuring that the accounting system, human resources, etc. are protected from employees as well as the outside world.
  4. Ignoring best security for wireless or remote users.
  5. Pre-shared keys for VPN or shared passwords. Pre-shared keys for VPNs do not mean sharing your access with others in the office.
  6. Ignoring physical security. Keeping your computers secure but ignoring locking of filing cabinets, offices, etc.
  7. No or incomplete documentation on how your network is set up, who is responsible for what and who to call when an incident occurs.
  8. Lack of testing of the security in place: internal, external and physical.
  9. No forensic or contingency plan.
  10. No acceptable usage policy that has been read and signed off by employees.

     

 
