One of the biggest issues with security and systems management in general is that nobody really wants to spend their time reviewing system logs to find out if their systems have been compromised. After all, it's a tedious process that's roughly the digital equivalent of looking for the proverbial needle in a haystack.
Alert Logic wants to automate much of this process with the launch of a new LogReview service, being launched today, under which its security professionals review the logs of its customers. That information, collected via a Log Manager service that Alert Logic already offers, essentially takes the tedious task of monitoring and analyzing log files off the shoulders of internal IT people that more than likely have more productive things to do.
Reviewing logs is the digital equivalent to good hygiene. The problem is that not enough companies have the skill or the time to do it correctly. And yet, the key to making our systems more secure has a lot more to do with monitoring logs than it does layering wave after wave of security products.
According to Alert Logic product marketing manager Randy Rosenbaum, the service will also create audit trails that should reduce the amount of time it takes to perform an audit, while also giving customers access to a Web portal where they can review their log file and the reports created by Alert Logic. Pricing for the service starts at around $1,000 per month, depending on the number of logs that need to be monitored.
As the number of compliance efforts that require reviews of logs, such as the Payment Card Industry's Data Security Standard (PCI DSS), continue to expand, the only way IT organizations are going to cost-effectively comply with these regulations is to rely more on services. And while that may add ongoing cost to the IT budget, it sure beats the alternative of hiring dedicated people to just sit around and review log files in the hopes of occasionally discovering that something is amiss.