Chapter 3: Access Control - Accountability

It is a must to track all use within a system. This way, the person that is responsible for wrong-doing can be held accountable for their actions. To keep from overloading an audit log, an audit reduction tool can be used to help spot suspicious activity. It gets rid of info that was recorded such as redundant task information. SEM and SIEM systems provide analysis for audits. To protect audio data, write-once media is often utilized within organizations. An auditing tool that is very in depth is keystroke monitoring. Each key a user hits is recorded! Usually this only needs to be implemented for a short period of time in order to help uncover suspicious activity.