Risk isn’t the only thing to consider when planning a decision tree. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . During tuning, we’re sometimes asked, as we help our MSSP Clients establish a detailed decision tree (modify our default to their own situation), “are […]

In the absence of specific guidance, organizations are left to use their judgement in retaining logs… Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Not long ago a Client asked for my input on their firewall log policy, as they were collecting logs but […]

Object Access Limitations. . . While offering some visibility, there are limitations to object access monitoring. If your organization has to comply with industry regulations such as GLBA, HIPAA, or Sarbanes Oxley, you know that maintaining data security and privacy are important, and one of the ways you can accomplish that is with object access […]