Logs Aren’t Enough

Logs Aren’t Enough – Alisha Kloc

Abstract

Uh-oh – your startup just made headlines, but not for the reason you wanted: one of your employees has been accused of stealing a customer’s PII! Surely you can get to the bottom of the situation by checking your security logs… right? Right? Probably not, in fact. Most security logs don’t contain enough information to determine the crucial facts of a user data privacy issue: the “who”, “whom”, “what”, “where”, “when”, and “why” of user data accesses. Without all these pieces of information, as well as signals and alerts that make use of them, you can’t reconstruct the activity and motivations of your employees when they’re accessing user data. Find out how to supercharge your data access logging and ensure your users’ data is well-protected.

Bio

Alisha Kloc has worked in the security and privacy industry for over seven years, most recently at Google where she works hard to protect users’ data. She is passionate about data security and user privacy, and believes in combining technology, policy, and culture to ensure users’ protection.