| | Security : Logs | 
|
|
One effective way of deterring authorised users from damaging or stealing data from a computer system is to get the system to keep logs of all of the actions that each user carries out. A log must be used together with a user name and password system.
All of the actions that a user carries out are stored together with the user's name in a log. If data is deleted, copied or changed the computer system manager can identify the person responsible by examining the logs. Here is part of a log :
| System Log 1/1/1997 | ||
| User | Time | Action |
| jbloggs | 12:00 1/1/1997 | log on |
| jsmith | 12:02 1/1/1997 | delete file "january accounts" |
| jsmith | 12:05 1/1/1997 | copy file "employee addresses" |
| jbloggs | 12:10 1/1/1997 | check email |
If users know that their actions are being monitored then they are less likely to deliberately damage or steal data. Logs can also be used to help trace any accidental damage to data.
A log can not stop a person from damaging or stealing data but it can help identify the culprits. Most hackers will try to turn off any log keeping software when they break into a computer.
GCSE ICT Companion 04 - (C) P Meakin 2004