Hi - new to the list. This question may be off topic since it's not directly related to analysis but .. here goes. I have gotten little or no response from several security and legal discussion boards, nothing definitive off google. I'm setting up policies for auditing, backing up, and storing logs. I have read many recommendations and requirements ranging from 7 years to one year. Don't find any legal precedence (gigalaw.com etc.) We are: A Publicly traded, New York incorporated, non-government, non-healthcare, non-financial US Company thus not governed by HIPAA or GLBA requirements. Also - regarding Windows logs - Should they be archived in native .evt format? What does law enforcement consider acceptable evidence? I know that if data is modified in certain ways it beomes disallowed in a court of law. Any experience and opinions would be appreciated. _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Mon Sep 08 2003 - 16:18:08 PDT