HP StorageWorks XP Audit Log reference guide: HP XP12000 Disk Array, HP XP10000 Disk Array, HP 200 Storage Virtualization System (5697-8004, March 2009)

1 Introduction
This chapter introduces you to the audit logs created by XP Remote Web Console. It describes the
purpose of the logs, explains how to download them, and provides descriptions of the audit logs.
Introduction to audit log
The practice of logging and log management using syslog has been used for many years, but using
storage technology as part of the process is relatively new. The audit log function allows you to record
the access, activity, and configuration changes made to your storage system.
Audit log has two primary types of functions:
• Helps ensure data security by alerting management and administrators to unusual or suspicious
  network and system behavior. This includes providing security auditors with the information required
  to validate security policy enforcement and proper segregation of duties.
• Helps with regulatory compliance, by allowing you to implement centralized aggregation of log
  data and formal data retention policies.
Increasing data security
Unfortunately, security incidents from both internal and external sources are a real possibility that
cannot be ignored. It is becoming increasingly common for data protection and privacy regulations
to hold firms accountable for safeguarding their data. The general legal standard is one of “due
care.” This means at a minimum complying with industry standards, which can include security best
practices and frameworks (such as COBIT, BITS, and COSO) and standards (such as ISO 17799 and
NIST SP 800-53).
The audit log monitors and records logins, logouts, and configuration changes to the storage system.
This helps you with root-cause analysis following any security breaches, violations of internal protocols,
or other incidents, and allows you to take preventive or corrective actions where necessary.
Providing an audit trail for regulatory compliance
Audit log allows you to maintain and provide evidentiary information that satisfies the ever-growing
body of laws and regulations. Businesses are now required to maintain certain types of data in a
format that will withstand an outside audit. At a minimum, these regulations require you to track data
ownership, and provide long-term protection and retention of the log data. Audit log helps businesses
meet the increasingly strict and complex regulatory requirements, and avoid civil and criminal liability.
Some examples of specific statutory requirements are as follows:
• In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires
  hospitals, physicians, and managed care companies to adopt security, privacy, and data standards
  for medical information. It requires organizations to “audit and monitor system and user activity
  across the entire network, identify and investigate security breaches and suspicious behavior, and
  maintain an audit trail of user and network activity.” HIPAA also specifies that companies should
  retain and protect log data as evidence...up to 6 years.