The optimal solution guarantees individual logging and records every successful and unsuccessful event, such as logins, data access and administrative activities. These audit trails should also be stored securely: encrypted, signed and protected against manual alteration. Another key feature to look for is the solution’s ability to retain the audit trail for a predefined period of time, making it impossible to delete the log before the retention period expires.
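One way to make an audit trail tamper-evident and enforce a retention period, as an added example that is not from the original article or any product it describes: each entry's HMAC covers the previous entry's HMAC, a technique chosen here for illustration. The function names, key and sample events are constructed assumptions, and encryption of the stored log is not shown.

```python
import hashlib, hmac, json

GENESIS = "0" * 64  # chain anchor for the very first entry

def _mac(key, prev_mac, record):
    # The MAC covers the previous entry's MAC, so entries cannot be edited,
    # reordered, or removed from the middle without breaking the chain.
    body = json.dumps(record, sort_keys=True).encode()
    return hmac.new(key, prev_mac.encode() + body, hashlib.sha256).hexdigest()

def append_event(log, key, ts, user, action, success):
    """Record one event per named user, whether it succeeded or failed."""
    record = {"ts": ts, "user": user, "action": action, "success": success}
    prev = log[-1]["mac"] if log else GENESIS
    log.append({"record": record, "mac": _mac(key, prev, record)})

def verify(log, key, anchor=GENESIS):
    """Return the index of the first entry that fails, or -1 if intact."""
    prev = anchor
    for i, entry in enumerate(log):
        expected = _mac(key, prev, entry["record"])
        if not hmac.compare_digest(entry["mac"], expected):
            return i
        prev = entry["mac"]
    return -1

def purge_expired(log, now, retention_seconds, anchor=GENESIS):
    """Drop only entries older than the retention period.

    Returns (kept_entries, new_anchor); the anchor is the MAC of the last
    purged entry, so the remaining chain still verifies.
    """
    cutoff = now - retention_seconds
    keep_from = 0
    while keep_from < len(log) and log[keep_from]["record"]["ts"] < cutoff:
        keep_from += 1
    if keep_from:
        anchor = log[keep_from - 1]["mac"]
    return log[keep_from:], anchor

def demo():
    key = b"constructed-demo-key"  # assumption: the real key is kept off the log host
    log = []  # constructed sample events: one failed and two successful
    append_event(log, key, 0, "alice", "login", True)
    append_event(log, key, 100, "bob", "login", False)
    append_event(log, key, 200, "alice", "file_download", True)
    return key, log
```

Truncating the newest entries is not caught by the chain alone; storing the latest MAC and entry count on a separate system covers that case.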
6. Maintain an Information Security Policy - Responsibility for creating, defining and enforcing an information security policy throughout the organization falls squarely on your IT department and management team. The policy should address all relevant rules and regulations defined by regulatory bodies that may have an interest in your activities, and your users should be fully aware of their obligations as well as the penalties for non-compliance.
In today’s increasingly regulated business environment, it’s only a matter of time until the phone call comes from someone inviting themselves for a visit, and hopefully you will have all your information readily at hand. After all, no one doubts that you’re an honest businessman, but can you prove it? So make the resolution not to be the data breach story of 2006!