Companies should respect log management
When it comes to detecting and squashing data breaches before they happen, SSL certificates and log management can be extremely important for a company to have. Keeping track of which certificates have gone bad, which still work and more is a great way for a company to stay on top of things, but a post on Net-Security said not enough companies see the value in this.
"It’s clear that there is a gap between awareness and meaningful use and companies may suffer the consequences," the website said. "Why don’t more organizations take advantage of log analysis as a data security tool? Too expensive? Not enough resources? Too tedious to perform regular audits? All of these are common answers, but perhaps the most important factor is a general lack of understanding among key decision makers about the value of log maintenance and analysis."
Net Security said the downside of not maintaining logs is outweighed by the benefits of keeping one. Keeping these logs is an important step to complying with regulatory standards and it will keep users abreast to unusual activity, which could mean stopping a breach before it happens.
According to the 2011 Verizon Data Breach Investigations Report, less than 1 percent of breaches were discovered through log analysis but 69 percent could have been detected through looking at logs. If a company uses SSL certificates or code signing digital certificates, this could be a very important thing to do.