Protecting Our Stream of Data

  • Comments posted to this topic are about the item Protecting Our Stream of Data

  • I know that some companies use Splunk to store logs on a frequent and rolling basis. The reason is to guard against the admins from tampering with logs to cover their traces.

    A lot of attacks have become "insider" threats - most external probes end up resulting with networked privileged access which turns it into an insider doing something nefarious. 

    File systems become much harder since there is not good detection build it. In that case 3rd party software will be needed.

  • Graylog is also popular.

  • This article is posing several different questions. For the point of sale end of the business, you definitely want to keep the security cameras, because interaction with the customer doesn't begin with the POS terminal.

    For a tamper proof audit log would, it could be "something like" a block chain, where each block of data is hashed using a key from the previous block.

    One thing credit card processing companies could do is provide the merchant with a unique token rather than the actual credit card number. The merchant could use that token to process the transaction, but if the token were ever somehow stolen, then it could be linked back to that specific merchant. The merchant could also be supplied with alternate tokens, one type could work only for single a single transactions and another type could be used for setting up recurrent payments.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply