It 255Hana Laplant
Enhance an existing it security policy framework
Security policy planners must consider and the tasks they must complete to deploy an effective security audit policy in a network that includes computers running Windows 7 or Windows Server 2008 R2.
Organizations invest a large portion of their information technology budgets on security applications and services, such as antivirus software, firewalls, and encryption. But no matter how much security hardware or software you deploy, how tightly you control the rights of users, or carefully you configure security permissions on your data, you should not consider the job complete unless you have a well-defined, timely auditing strategy to track the effectiveness of your defenses and identify attempts to circumvent them.
To be well defined and timely, an auditing strategy must provide useful tracking data on an organization's most important resources, critical behaviors, and potential risks. In a growing number of organizations, it must also provide absolute proof that IT operations comply with corporate and regulatory requirements.
Unfortunately, no organization has unlimited resources to monitor every single resource and activity on a network. If you do not plan well enough, you will likely have gaps in your auditing strategy. However, if you try to audit every resource and activity, you may find yourself with far too much monitoring data, including thousands of benign audit entries that an analyst would need to sift through to identify the narrow set of entries that warrant closer examination. This could cause delays or even prevent auditors from identifying suspicious activity. Thus, over-monitoring can leave an organization as vulnerable as monitoring too little.
New auditing features in Windows 7 and Windows Server 2008 R2 make it easier to audit important user, computer, and network activities in a focused, efficient manner. These features include: