I need to logg the activity of a system admin working on a windows 2008 server. We must have a log of all activity, keystrokes and responses. Is there a way to do this - its for regulatory needs in healthcare, and PCI.
Asked
Active
Viewed 107 times
2
-
2This is actually most likely a PCI *violation*, as it means you're going to be storing credit card numbers in plaintext with whatever logging app you use. Same with HIPAA. – devicenull Mar 22 '12 at 22:53
-
well I've never seen this requirement before but who knows maybe its something new, and how its stores the gathered info would be up to the application that is storing it so yes it maybe encrypted just fine. – tony roth Mar 22 '12 at 23:28
1 Answers
3
Bill, typically these requirements are not to log every keystroke but to log particular actions. In fact, you can usually define in policy what things you need to log. You might search the web for other's policies and implement a sane, reasonable policy. Then FOLLOW it.
Keep in mind, someone must review everything that is logged so keep the policy SANE.
FYI - Logging every keystroke is a security risk because it would expose passwords to those reviewing the logs. It could also cause a denial of service situation due to the need to write so much data to the log.
uSlackr
- 6,412
- 21
- 37