Indeed! :)
*ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) *Harnessing the Advantages of Technology for the SMB market... * On Tue, May 10, 2011 at 7:42 PM, Free, Bob <r...@pge.com> wrote: > Yea, what you said. Another in a long line of totally clueless auditors…. > > > > Sometimes I think their only goal in life is to come up with a finding that > no one else ever has before.. > > > > *From:* Michael B. Smith [mailto:mich...@smithcons.com] > *Sent:* Tuesday, May 10, 2011 3:04 PM > > *To:* NT System Admin Issues > *Subject:* RE: Encrypting Event Logs > > > > Tttthhhhbbbbbttttt. > > > > Regards, > > > > Michael B. Smith > > Consultant and Exchange MVP > > http://TheEssentialExchange.com > > > > *From:* Sean Martin [mailto:seanmarti...@gmail.com] > *Sent:* Tuesday, May 10, 2011 3:43 PM > *To:* NT System Admin Issues > *Subject:* Encrypting Event Logs > > > > Good morning/afternoon, > > > > My manager has requested I look for ways to "encrypt the event logs on our > DCs". Apparently during one of our many audits (governing body to remain > nameless) one of the auditors insisted that we should be encrypting the > event logs on our DCs. I have since requested a formal finding be provided > by the auditor indicating the perceived risks so that I can first identify > if we have any mitigating controls already in place. > > > > With that, I thought I would start looking around for specific solutions. > We're currently running Windows 2003 DCs in a Windows 2003 Native AD > environment. I'm not finding a whole lot of solutions specific to encrypting > "event logs". We are planning on introducing Windows 2008 R2 DCs this year > so I will research bit locker, but, I'm concered about the inter-operability > with Symantec SIM. > > > > I'm still working with very little information so I'm probably missing a > lot of content. I guess I would just like to find out if anyone else has > received similiar directives from an audit and what solutions or mitigating > controls helped satisfy the auditor's concerns. > > > > - Sean > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin