Measures for ensuring events logging. Implementation of logging and alerting controls which include alerting of significant events; • Implementation of intrusion prevention and detection systems to monitor and log system resources for potential unauthorized access and generate alerts on attempted attacks; • Maintenance of retention policies for logs, audit trails and other documentation that provides evidence of security, systems, and audit processes and procedures related to Subscriber Data.
Measures for ensuring events logging. All systems generate logs (from the VPN access to database queries, end-to-end) and alert in case of logging capabilities failure. All system logs are recorded and stored online for 90 days and in cold storage for 1 year. Running native on AWS Cloud, Cloudinary uses a set of Cloud-native tools that monitor activity and mitigate risks and configuration mistakes. Audit logs are kept in highly privileged, dedicated, S3 buckets and log file access is granted according to the principle of 'need to have' and is fully monitored. Cloudinary employs 24x7 system monitoring and ops personnel on call. When a service issue is identified, Cloudinary updates the system status at xxxx://xxxxxx.xxxxxxxxxx.xxx. Cloudinary measures multiple metrics to scale and accommodate changes in incoming load. The system has an automatic pre-emptive scale up events feature, based on known usage patterns which are unique to each data center. Cloudinary employs intrusion detection systems and uses commercial and customized tools to collect and examine Cloudinary’s application and system logs, to detect anomalies.
Measures for ensuring events logging o Používané řešení pro správu bezpečnostních incidentů a událostí (SIEM) pro monitorování záznamu o přístupu. o Security Incident & Event Management (SIEM) solution in use for access log monitoring. o Používané víceúrovňové monitorovací nástroje, které analyzují anomálie chování v celé síti. o Multiple layers of monitoring tools in use analyzing behavior anomalies across the network.
Measures for ensuring events logging. Kajabi monitors access to applications, tools, and resources that process or store Customer Data, including user activity, administrator and privileged user activity, processing activity, network and firewall activity, audit activity and scanning. Monitoring of security logs is centralized by the security team. Log activities are investigated when necessary and escalated appropriately. Application and infrastructure systems log information to a centrally managed log repository for troubleshooting, security reviews, and analysis by authorized Kajabi personnel. Logs are preserved in accordance with regulatory requirements.
Measures for ensuring events logging. All critical devices, systems, datastores, and applications have event logging enabled. Logging events must contain what occurred, who or what caused the event, when the event occurred (i.e. timestamp), and the associated system applications or data affected by the events. Where possible, the following system, datastore, and application types of events should be logged: ● All authentication events (success and fail) ● Account or role creation, modification, or deletion ● Changes to system or application configuration ● All alerts raised by the access control system ● Administrator or operator activities Centrally collected event logs from systems, datastores, and applications. Access to centrally collected event logs is controlled by these teams and limited to “need to know” scenarios. Centrally collected event logs are retained for a period of no less than 12 months. Tonic uses AWS Control Tower to manage our AWS accounts and aggregate logs into audit and security environments to prevent tampering. Measures for ensuring system configuration, including default configuration Tonic uses Infrastructure as Code (IaC) codebooks for the construction of our networks to ensure they can be rebuilt quickly and uniformly in the event of a catastrophic incident resulting in the loss of a network. Tonic has developed system baselines and standards for production and development workloads. These baselines and standards are updated on a regular basis based on industry guidance. Tonic uses AWS and other commercial monitoring tools, and preventive and detective controls to ensure deployed devices align with our configuration standards. Measures for internal IT and IT security governance and management Personal data is protected with least privilege access and handled with appropriate operational procedures. Access shall be limited to the minimum necessary to perform the assigned duties (principle of least privilege). Tonic has developed system baselines and standards for workstations and mobile devices. These baselines and standards are updated on a regular basis based on industry guidance. These standards include (but are not limited to): ● Centralized management of devices (lock, erase, push policy, push configuration) ● Full disk encryption ● Access to device must be authenticated ● Anti-malware system is installed and operational ● Password meets password policy ● Secure defaults are configured ● Auto-lock after timeout ● Operating system is automatically updated with ...
Measures for ensuring events logging. To ensure the secure access of C2 services, we have a strict process for regulating and monitoring external logins through Synology Accounts. We have implemented measures to protect against potential threats, including detecting and blocking suspicious or abnormal login attempts from specific IP addresses or accounts, as well as maintaining proper permissions to ensure that only authorized users can access our services. Synology logs all login and data access events to manage user identity. Only specific team members have the authority to access the information security management systems. IP addresses with repeated unsuccessful login attempts to the VPN will be blocked. We also send the daily login records to both the respective users and our IT department for auditing purpose.
Measures for ensuring events logging. ConnectWise monitors access to applications, tools, and resources that process or store Customer Data, including cloud services. Monitoring of security logs is centralized by the security team. Log activities are investigated when necessary and escalated appropriately. Measures for ensuring systems configuration, including default configuration. ConnectWise applies Secure Software Development Lifecycle (Secure SDLC) standards to perform numerous security-related activities for the Offerings across different phases of the product creation lifecycle from requirements gathering and product design all the way through product deployment. These activities include, but are not limited to, the performance of (a) internal security reviews before new Offerings are deployed; (b) annual penetration testing by independent third parties; and (c) threat models for new Offerings to detect any potential security threats and vulnerabilities. ConnectWise adheres to a change management process to administer changes to the production environment for the Offerings, including changes to its underlying software, applications, and systems.
Measures for ensuring events logging. ○ Lxxxx maintains detailed logs of data access, modification, and transfer events. ○ Lxxxx regularly reviews and analyze logs to detect and respond to potential security incidents.
Measures for ensuring events logging. Octai logs authorization requests to privileged spaces and user activities, including logins, configuration changes, deletions, and updates. These logs are internally available and can be accessed for security investigations upon request.
