Using system log information to assess systems usage
Monitoring your information systems
The concept is exactly the same as a home or office burglar alarm monitoring service. The difference being the alarm is installed in a company’s information systems. The sensors and aggregation will be collecting & monitoring potentially sensitive and confidential information, so the alerts are constructed in such a way that the confidentiality is preserved. Alerts are constructed in such a way as to minimise false positives.
There are two modes of operation. Alerting and reporting
Alerting is done in real time. When an alert is triggered the IP Sentinel service control will contact the approved person at the company to inform them of the alert and suggest the next steps.
Reports are based on aggregated suspicious patterns of behaviour and can be anonymous. Reporting will be done on a weekly basis with any suspicious activity highlighted so that a company can take further actions if they require.