Strategy and Planning Services
Assuria Auditor and Assuria Log Manager provide tremendous capability in building cyber defences and achieving regulatory compliance, but as with all such solutions, effective planning before any project will save large amounts of resources and will result in far greater benefits. The Assuria services below are designed to help establish effective strategies in a number of key areas.
Setting appropriate system audit levels
Many organisations are implementing SIM and SIEM solutions (like Assuria Log Manager) to meet regulatory requirements and to build their Cyber Defences. Security and event logs are the foundation of active Cyber Defences and forensic audit trails, but in many cases one of the most important steps in this process is completely overlooked. That is the step of assessing and configuring appropriate system audit levels, especially on servers and critical endpoints.
The essence is this: if systems are not actually logging critical security or compliance events because they haven't been configured to do so, then it doesn't matter how good the SIM/SIEM implementation is. Those events will be permanently lost, security event alerting will be invalidated and security will be massively compromised. Not only that, future forensic investigations will be all but impossible. On the other hand, overzealous audit settings can generate huge volumes of data, have a significant impact on system performance and potentially mask the true issues.
This service will help you to set the appropriate level of system auditing, taking into account security and compliance requirements, as well as sizing and performance considerations.
Log collection and management strategies
Along with setting appropriate audit levels for security critical systems, there are also important factors to consider when establishing log collection, rotation and management strategies. Most regulatory standards such as CoCo, PCI-DSS and ISO27001 clearly define retention periods for online storage of logs and in some cases they define periods for offline retention. However, while complying with these standards is a must, there are many other parameters to consider.
For example, once correct audit levels and log retention strategies have been set, a detailed sizing exercise must be undertaken in order to establish online and offline storage requirements for collected logs, target system log sizes, log rotation settings (time or volume based), spool area size and other settings. This service will help to calculate detailed sizings, log rotation strategies and operational log management strategies.
Compliance assessment service
This service is designed for organisations that need to demonstrate that their IT infrastructure (particularly business servers) complies with regulatory standards such as ISO27001, PCI DSS and GPG-13, but that lack the requisite knowledge or sufficient resources (or both) to achieve such compliance.
Our compliance professionals (including CLAS consultants) will help you to plan and implement the level of compliance that meets your needs, whether these needs are driven by outside regulatory bodies or by internal audit processes.