ISO
ISO 27002 is recognized as an international information security standard that provides information management security recommendations to those who are responsible for security in their organization. ISO standards, when compared with current controls, enable organizations to proactively identify weaknesses and threats before the auditor does. The ISO standard specifically mandates audit logging in section 10.10.1, but also mandates monitoring of system use in section 10.10.2 and monitoring of administrative and operator activity in section 10.10.4. In addition, log data can evidence that many other measures are implemented properly, such as identity management (8.8.3, timely removal of access rights) and change management (10.1.2).
The benefits of LogLogic’s solutions for ISO:
- The LogLogic Open Log Management platform builds the foundation to monitor user and system activity.
- LogLogic also provides an ISO Edition with the LogLogic Compliance Suite as an add-on reporting package to LogLogic Open Log Management Platform.
- LogLogic Security Event Manager adds security event correlation for advanced threat detection and can help prioritize the daily stream of event and automate incident management follow-up.
- LogLogic Database Security Manager adds specialized monitoring for your databases, including real-time blocking of suspicious activities.
Key Elements of ISO/IEC 27002:
- Security policy
- Organizing information security
- Asset management
- Human resources security
- Physical and environmental security
- Communications and operations management
- Access control
- Information systems acquisition, development and maintenance
- Information security incident management
- Business continuity management
- Compliance
While LogLogic can provide you with the tools to enable you to achieve compliance, LogLogic cannot determine if you have met your compliance objectives. For any such determinations, you are advised to consult with a qualified advisor.
