Security Information & Event Management Blog | SIEM

Guest blog post, z/OS security, from Barry Schrager, Part 2 of 7: User Authentication

Posted by Barry Schrager on Jun 30, 2015 12:10:00 PM

Mainframe Security Part 2: User Authentication

How can a system accurately determine whether access to data should be allowed when it is not certain who the user is? We have seen this in the NSA/Edward Snowden case, where he borrowed other administrators’ User IDs and passwords in order to gain access to data that he was not authorized for. Also, people working together sometimes share this information for convenience. But what does that do for security and accountability? It destroys them. This is a critical situation for any user with access to some segment of an organization’s sensitive data, which is almost everyone these days.

I raised the idea of two-factor identification in my 1974 papers, but the world was different then. 


Topics: insider threat, automated threat detection, event log management, Log Management, enterprise SIEM system, indexing and storing data

6 Log Management Questions to Ask this Holiday Shopping Season

Posted by Tony Perri on Oct 5, 2011 10:17:00 PM

Recently, one of our customers reported that they are running upwards of 200 million messages per day through the CorreLog Enterprise Server, and this is just from the IBM z/OS mainframe! The closer we get to December 25, the more that number will balloon upwards. Collecting all of this data is certainly a necessity for compliance standards, forensic analysis and managing end-user performance and availability. But how can they possibly make sense of all the data filing through every minute?


Topics: compliance standards, automated threat detection, collect log data, PCI DSS compliance, Log Management, security threat, enterprise SIEM system, end-user performance and availability, managing corporate IT security and compliance, indexing and storing data
