How Does Server General Create Tamper-Resistant Logs?

Server General writes every audit log entry in real time to several servers, some inside and some outside the customer's administrative control. An intruder who edits or deletes the copy on a compromised host cannot reach the other copies, so the tampering is both hampered and detectable, and the record remains usable for compliance and forensics.
Admin
March 11, 2021

Problem:

On an ordinary server, an external attacker or a malicious insider who gains unauthorized access to sensitive information can then try to conceal the breach by deleting or editing the audit log files on that same server. Those files hold the evidence needed to demonstrate regulatory compliance and to conduct a forensic analysis after an actual breach.

Solution:

Log entries must be shipped in real time to servers located outside the administrative control of the organization whose systems are being audited (the same organization that needs to preserve that record), so that whoever compromises the host does not thereby gain the ability to alter every copy.

[Figure: Server General dual logging. Left: the host server inside the customer's network. Right: three log servers inside the Server General network.]

Here is how we do it. To provide extended auditing capabilities and to meet regulatory requirements, every activity of the Server General agent installed on a host server within our customer's network is logged in real time at four locations: on the host server itself, and on three servers located within our own network and operated by our security staff.

Take a look at the diagram. The host server on the left-hand side, inside the customer's network, stores the log entries locally; the three servers on the right-hand side, under our administrative control, each receive every log entry in real time. A malicious person who has compromised the host server would therefore also have to modify or delete the matching entries on the servers in our cloud infrastructure, which is monitored 24x7x365. Because the entries would have to be changed at four locations under two different administrative controls, covering up an action is very difficult, and any divergence between the four copies is itself evidence that something was altered.
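As an added illustration of this fan-out design (example code written for this page, not Server General's agent or any of its interfaces): a small Python logger appends each entry to every sink before returning to the caller, and a verifier cross-checks the copies position by position. A local file stands in for the host's own copy and three in-memory sinks stand in for the vendor-operated servers; the sink names, the sample events and the per-copy hash chain are assumptions made for the demonstration.

```python
"""Fan-out audit logging with cross-copy tamper detection.
Added illustration of the dual-logging idea, not Server General's code: a
local file plays the host's copy, three in-memory sinks play the remote servers."""
import hashlib
import json
import os
import tempfile
import time
from collections import Counter
from typing import Dict, List, Tuple

GENESIS = "0" * 64  # hash-chain anchor for the first entry


def canon(entry: dict) -> str:
    """Canonical JSON so every copy holds a byte-identical line."""
    return json.dumps(entry, sort_keys=True, separators=(",", ":"))


def line_hash(line: str) -> str:
    return hashlib.sha256(line.encode("utf-8")).hexdigest()


class MemorySink:
    """Stand-in for a remote log server under someone else's administrative control."""
    def __init__(self, name):
        self.name, self.lines = name, []
    def append(self, line):
        self.lines.append(line)
    def read(self):
        return list(self.lines)


class FileSink:
    """The copy kept on the host server itself, i.e. the one an intruder can reach."""
    def __init__(self, name, path):
        self.name, self.path = name, path
    def append(self, line):
        with open(self.path, "a", encoding="utf-8") as fh:
            fh.write(line + "\n")
    def read(self):
        with open(self.path, encoding="utf-8") as fh:
            return fh.read().splitlines()


class FanOutLogger:
    """Writes each entry to every sink before returning; entries are hash-chained."""
    def __init__(self, sinks):
        self.sinks, self.seq, self.prev = sinks, 0, GENESIS

    def log(self, event: dict) -> str:
        self.seq += 1
        line = canon({"seq": self.seq, "ts": time.time(), "prev": self.prev, "event": event})
        # A failed remote write raises here instead of silently leaving only the
        # local copy, which would defeat the whole point of shipping in real time.
        for sink in self.sinks:
            sink.append(line)
        self.prev = line_hash(line)
        return self.prev


def verify_chain(lines: List[str]) -> int:
    """Check one copy's own hash chain. Returns 0 if intact, else the 1-based
    position of the first entry whose predecessor was altered or removed.
    Note: an edit to the final entry is invisible to this check alone."""
    prev = GENESIS
    for i, line in enumerate(lines, 1):
        entry = json.loads(line)
        if entry["seq"] != i or entry["prev"] != prev:
            return i
        prev = line_hash(line)
    return 0


def verify_copies(sinks) -> Dict[str, List[int]]:
    """Compare every copy position by position against the majority value.
    Returns {sink_name: [positions that disagree]}; {} means all copies agree."""
    copies = {s.name: s.read() for s in sinks}
    longest = max(len(c) for c in copies.values())
    problems: Dict[str, List[int]] = {}
    for i in range(longest):
        values = [c[i] if i < len(c) else None for c in copies.values()]
        majority = Counter(values).most_common(1)[0][0]
        for name, c in copies.items():
            if (c[i] if i < len(c) else None) != majority:
                problems.setdefault(name, []).append(i + 1)
    return problems


def demo() -> Tuple[Dict[str, List[int]], int]:
    """Constructed scenario: three entries, then an intruder with root on the host
    rewrites entry 2 to hide a bulk export. Returns (disagreeing copies, first
    chain break in the host copy)."""
    host = FileSink("host", os.path.join(tempfile.mkdtemp(), "audit.log"))
    remotes = [MemorySink(f"vendor-{n}") for n in (1, 2, 3)]  # assumed names
    logger = FanOutLogger([host] + remotes)
    logger.log({"user": "dba", "action": "key_unlock", "result": "ok"})
    logger.log({"user": "dba", "action": "export", "table": "customers", "rows": 250000})
    logger.log({"user": "dba", "action": "key_lock", "result": "ok"})

    lines = host.read()
    forged = json.loads(lines[1])
    forged["event"]["rows"] = 3  # make the export look harmless
    lines[1] = canon(forged)
    with open(host.path, "w", encoding="utf-8") as fh:
        fh.write("\n".join(lines) + "\n")

    return verify_copies([host] + remotes), verify_chain(host.read())
```

Calling demo() returns ({'host': [2]}, 3): the cross-copy comparison names the tampered copy and the exact entry, while the host copy's own hash chain only notices the break at the following entry and would miss an edit to the very last entry. That is why the copies held outside the intruder's administrative reach carry the weight of the design.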

This setup preserves the integrity of the logged information and lets our customers claim tamper-resistant log files: nobody inside their organization can change all four copies, and we cannot change the copy that remains under our customers' control.