What is (and what is not) logged by default?
After all, your company can track everything its employees do on company computers, right?
Wrong. In fact, most companies can barely track anything, frightening though that may sound. And it’s a big security worry, to put it lightly.
So, what does ‘logged by default’ actually mean?
What is ‘logged by default’?
Logged by default refers to the record that your IT system makes of everything you do – or, in fact, doesn’t. The issue here is that most people (even some of those who work in highly regulated industries) are of the impression that everything in IT is logged.
And here’s the thing …it isn’t.
Not even close, in fact.
Why does it matter?
Having a record of what you have and have not done, can have an impact that ranges from slightly annoying (if you’re trying to search for a record that doesn’t exist) to full on non-compliance.
And it will be news to nobody (particularly those in the financial sector, though by no means exclusively) that remaining compliant is of great importance. In fact, in some industries, it’s absolutely crucial, and can mean the difference between operating and being shut down. So, in short, this matters.
What might be (or not be) logged by default?
This spans, but is by no means limited to:
- Emails and attachments – large size, certain recipients or senders, personal email recipients or senders
- Access – failed login attempts, login locations (outside the office, foreign countries, etc.), WiFi networks used to login, times of login (e.g. outside working hours), machines used in login (non-work devices), outbound connections to foreign countries, attempts to access inactive accounts,
- Printer usage – specific users, unusual activity (such as quantity and time)
- Applications (both system and web) – admin activity, traffic spikes, communications
- USB usage
Attachments and PDFs
- Working hours
What to do about it
This is a question of either managing your expectations or buying more services.
Whichever you choose, consider types of threats that you may not have thought about: this might include ex-employees, as just one example.
Start tracking and logging what matters to you, your security and your business.
If this raises any questions, just get in touch – we are always happy to hear from you and always happy to help.