NCUA. Some PCI but not all yet. We don't create cards but will in the future so PCI will be a big hit around here..lol and GLBA...
Doing the best I can with senior management but last August they were here and recommended a Generator and replication, WE purchased them within 2 weeks. Don't need them but purchased them... I feel like I am going to have a lot of work ahead of me. From: Andrew S. Baker [mailto:[email protected]] Posted At: Wednesday, January 25, 2012 5:12 PM Posted To: [email protected] Conversation: FW: SIEM Subject: Re: FW: SIEM You need to speak to your senior mgmt about the auditors. Have them show you some *current* best practices, or some compliance requirements that mandate this. Or, if the stubborness prevails, convince your management to sign off on the acceptance on this "legacy" configuration, because they are increasing your risk profile. Please tell us the auditors, so we can prepare ourselves to avoid them at all costs. I haven't had to have this particular argument with auditors since 2005 or 6. As for the SEIM, it's not a bad idea, necessarily. But I would highly recommend opensource to start, so you better manage costs. As for the encryption everywhere, that is just foolhardy for most businesses. To solve this particular problem, just research a few end-to-end security vendors and bring the invoice -- with list prices -- to your management team. It'll be shot down so fast you might get dazed. Your auditors are obviously trying to make up for a deficiency in revenue at their organization... What industry or government regulations are you subject to? ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Wed, Jan 25, 2012 at 3:21 PM, [email protected] <[email protected]> wrote: So far it is their way only no discussion and I should have had this in place already. Still not in the discussion phase of the audit so I may get a chance to talk back but so far it has been you are a bad bad administrator and should be bound and beaten. I am working on the bound part but I may need a good beaten.... Thanks guys. They want to make sure my way of looking at logs, (SYSLOG and FireGen), is enough but they also want everything encrypted. From: Andrew S. Baker [mailto:[email protected]] Posted At: Wednesday, January 25, 2012 2:36 PM Posted To: [email protected] Conversation: FW: SIEM Subject: Re: FW: SIEM You've got some fun auditors. Google will help you here. (Understanding of the category, rather than selection of the tool) Why aren't you asking the auditors these questions? ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Wed, Jan 25, 2012 at 2:14 PM, [email protected] <[email protected]> wrote: This is new to me. What is SIEM and what do I do with it? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
