Verizon Business has introduced a new service that seeks to help customers efficiently log, track and analyze user and system activity of software and Web applications, operating systems, and Web and database servers while avoiding the cost and complexity of building, maintaining and monitoring an in-house log management infrastructure.
The new Application Log Monitoring and Management Service- part of Verizon Business’ Managed Security Services (MSS) portfolio— enables users to better mitigate risk, control IT costs, reduce complexity, and automate security compliance initiatives. As a result, customers can react more quickly to security threats, gain speedy access to critical information, and facilitate security compliance audits.
“Today’s approach to security is holistic,” said Kerry Bailey, vice president of Verizon Business Security Solutions. “
Gone are the days of relying solely on network-layer security to protect information assets. As the leading global provider of managed information security solutions and operator of one of the world’s most expansive IP networks, we are well-positioned to secure our customers’ infrastructure – from the network to the user level, and everywhere in between.”
According to industry analyst firm Forrester Research, Internet attacks are shifting from the network to software and Web applications. The firm noted:
“Cyber attacks have moved up from the network layer to the application layer. Applications, especially Web applications, have become prime targets for attackers because they create, present, modify, and store sensitive data, from credit card numbers to intellectual property.” (Forrester, “Five Trends That Will Shape The IT Security Profession In 2008,” By Jonathan Penn with Tom Pohlmann, Paul Stamp and Allison Herald, Dec. 28, 2007.)
A key feature of the service is that it allows organizations to maintain the proper IT controls and reporting requirements needed to help them address industry standards and security regulations such as the Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), COBIT 4.0, Payment Card Industry Data Security Standard (PCI DSS) and ISO 17799. Best practice IT frameworks dictate that organizations collect, periodically review and securely archive their security log data for a defined period of time.
Additionally, the ability to archive log data provides customers with secure, scalable storage and fast access to log data on the customer premises, which helps to facilitate quicker security audits. |
