PCI DSS. HIPAA/HITECH. State Privacy Laws. What do all these compliance regulations have in common? They require you to be collecting and monitoring your system logs. To give an example of how logging works, if someone tries to sign into an IBM i (or any server) and for whatever reason and the username or password is invalid, that event is logged in the system log. Why is this important? Because if you were to look at this system log in real-time and notice several invalid username and password events, you would say “Hey, our system is being attacked. We need to take action on this now.”
Unfortunately, compliance regulations sometimes aren’t enough of a reason for a company to do everything that they should to protect your sensitive data. Many times there just isn’t a budget for additional technology or when management does spend money, they want to see a return on their investment (ROI). Luckily, there is a clear ROI when you invest in a system logging solution. Here are three things to help you make your case to management on why you need to purchase a system logging solution:
1) Save Time
System logging can make life easier for the IT department, giving them back time to work on other projects. Recently we had a customer purchase Alliance LogAgent, our IBM i (AS/400) system logging solution, and was sending system logs to his SIEM console within an hour of getting started.
2) Save Money
Everyone wants to save money, right? Sure, it might be possible to write your own logging application (not an easy feat on the IBM i), but why waste a developers valuable time? Alliance LogAgent is a low-cost solution that is trusted by companies worldwide.
3) Solve Business Problems
System logging will solve business problems. An audit can be a problem and we see companies getting dinged on logging all the time. Not knowing who is logged into your system is a problem that auditors will not overlook. The sooner you can get through an audit, the sooner you can be back to focusing on business.
Listen to our podcast “System Logging on the IBM i” for more information on logging, how it can help you meet compliance requirements, what to look for in a logging solution, and how Townsend Security can help you transmit the logs from your IBM i to any SIEM console.