Server logs are one of the best tools a system administrator has to ensure your organization’s data and file security, but setting up and monitoring them can be a complicated task that often leaves you drowning in data.
Businesses and organizations need a detailed record of everyone who has accessed and acted on system files and company data, which becomes especially important when dealing with federal and international privacy and data compliance measures.
To help you set up your logs for these different scenarios and be proactive with internal compliance requirements, this blog reviews several common server log use cases along with best practices for supporting them.
Server Logging Use Case 1: PCI Compliance
Any organization processing payments must adhere to the PCI Security Standards Council’s requirements. When it comes to secure file transfer for information that may contain bank or credit card information, the most relevant section of the standards is Requirement 10: Track and Monitor All Access to Network Resources and Cardholder Data.
Implementing PCI SSC Requirement 10 requires you to capture the following in your logs:
- File/data access for every individual user who has access to cardholder information
- All actions taken by administrative users
- An audit log that includes at least one year of audit trails and tracks all changes to audit logging
- All events related to data access, including failed logins, changes to user privileges, etc.
As well, Requirement 10 asks system administrators to monitor their logs at least daily (Cerberus FTP Server Enterprise Edition’s built-in reporting features can help with this area) and implement file integrity monitoring on your logs to ensure that they have not been altered.
Server Logging Use Case 2: GDPR Compliance
Although GDPR standards aren’t as clear-cut as the PCI requirements, they do provide high-level guidance for data security and access for businesses that collect or process information on European individuals.
Specifically, to maintain GDPR compliance your server logs must satisfy the following requirements:
- Different levels of access to data based on the data’s sensitivity and protections required
- Continuous monitoring and logging of security access
- Track who accesses what customer data and why, as well as any actions including that data
- Ability to restore data loss in case of server failure or backup is needed (Cerberus FTP Server offers discounts for Disaster Recovery/Backup licenses)
- GDPR Article 30 requires companies to maintain a record of all data processing activities, which includes who has received the data and the length of their access to that data. This information must be able to produced in written as well as electronic format.
- GDPR Article 32 requires companies to ensure the security of their data processing, which includes implementing steps to ensure only authorized processes have access to data
Server Logging Use Case 3: HIPAA Compliance
Anyone defined as a “covered entity” – including health care providers, health care plans, information clearinghouses and business associates – must comply with HIPAA’s requirements for the transmission and access of any personal health record or information.
To ensure HIPAA compliance, your logs should track all users who access Protected Health Information (PHI) and any related personally identifiable information.
In addition, depending on your environment you may want to track events related to failed logins and other potential security issues.
(Read more about HIPAA-compliant file transfer, including requirements for file integrity tracking and file retention policies).
Other FTP/FTPS Server Logging Use Cases
In addition to the use cases mentioned above, System Administrators may benefit from logs to monitor the following areas:
- Access Auditing – comprehensive logging of all file and user operations ensures that an audit can be performed in the case of any issues. These logs should include who transferred a file, what was transferred, when it was transferred and
- Troubleshoot Server Issues – log files that track file transfer start and end times, server response times and transfer errors allow for quick and accurate diagnosis and resolution of any server-side issues that may be affecting data transfer.
How Cerberus FTP Server Supports Secure File Transfer Logging
Cerberus FTP Server’s robust logging capabilities help system administrators quickly and easily record and track any file transfer activity in your environment with our customizable Server Manager and Report Monitor.