http://www.spamstopshere.com/blog/2008/09/23/privileged-access-and-information-integrity-auditing/ IT and security blog Wed, 07 Jan 2009 12:29:00 +0000 http://wordpress.org/?v=2.3.3 http://www.spamstopshere.com/blog/2008/09/23/privileged-access-and-information-integrity-auditing/#comment-3383 Christophe Tue, 23 Sep 2008 14:53:17 +0000 http://www.spamstopshere.com/blog/2008/09/23/privileged-access-and-information-integrity-auditing/#comment-3383 Thanks for evangelising the issue of data integrity. You are absolutely right with your conclusions, audit trails are a prime target for tampering and they must be protected, idealy indepently from the privileged users. This is a clear security gap in most organizations. It remains so until pain is being suffered (evidence rejected in a litigation for example). There are specific techniques to protect audit data from tampering. This is our speciality at Kinamik Data Integrity. I am happy to discuss this topic with anyone who has an interest (cprimault(@)kinamik.com). Thanks. Thanks for evangelising the issue of data integrity. You are absolutely right with your conclusions, audit trails are a prime target for tampering and they must be protected, idealy indepently from the privileged users. This is a clear security gap in most organizations. It remains so until pain is being suffered (evidence rejected in a litigation for example). There are specific techniques to protect audit data from tampering. This is our speciality at Kinamik Data Integrity. I am happy to discuss this topic with anyone who has an interest (cprimault(@)kinamik.com). Thanks.

]]>