Sidebar: Software Emerges for Retaining System Log Data

Until recently, there have been few options available for users looking for ways to store system log data to comply with laws on retaining records and controlling access to data. But that's starting to change.

San Francisco-based Addamark Technologies this week will introduce a new version of its specialized database for log information, with new features designed to address the data-retention requirements of laws such as Sarbanes-Oxley, the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act.

Omnisight 2.0 will let companies collect, compress, store and review event data collected from an array of systems and security devices, said Kevin Harahan, director of product security at Addamark. The captured information can include application and transaction logs, Web activities and security event data.

Omnisight also offers capabilities for identifying violations of corporate policies, reviewing suspicious systems activity and performing forensic analysis for security purposes, Harahan said.

Addamark isn't the only vendor offering such tools. Intellitactics Inc., a Reston, Va.-based vendor of software for correlating different security incidents, last month added a storage component designed to preserve raw data about security events in a compressed form. Consul Risk Management in Herndon, Va., offers a similar product. Prices for the tools typically start at about $50,000.

Such capabilities are crucial, said Troy Aswege, assistant vice president of information systems at Blue Cross Blue Shield of North Dakota.

As a Medicare provider in 12 states, the Fargo-based health care organization has to retain certain types of log data for varying lengths of time. It's now using Addamark's software to collect the required information from its mainframes and switches, and Unix, PC and Web servers.

"We're talking about thousands upon thousands of transactions daily," Aswege said. "Without something like this, I'm not sure how we would be able to do it."

Michael Rasmussen, an analyst at Forrester Research, said compressing terabytes of raw log data to a fraction of its original size is much less costly and more efficient than storing it in traditional relational databases.
