Importance of Audit Logs
Ekyam implements security controls to manage and protect both data and system activity. These controls identify and classify data according to its sensitivity; once data has been classified as sensitive or confidential, the mandated handling standards are applied to it.
Audit logs (Logging and Monitoring)
We maintain audit logs in chronological order to record the user activities that are relevant to security. Events are recorded securely so that a history of actions within the systems and applications is preserved. Ekyam uses centralized logging via GCP (Google Cloud Platform) Cloud Audit Logs to capture application, infrastructure, and access events. The audit logs provide a complete audit trail and enable the incident team to monitor the environment, perform checks, identify threats, and act immediately when an incident is observed. Beyond these operational activities, the audit trail is what allows the incident team to demonstrate compliance with the applicable regulatory requirements.
Why are the Audit logs critical?
We maintain the audit logs for the following reasons:
- Security Monitoring: We monitor logs in near real time to detect unauthorized access or malicious activity.
- Incident Response: Logs support the detection of incidents and allow the team to respond quickly when a security event occurs.
- Forensic Analysis: Past events that may have led to a security breach can be reconstructed from the logs. In other words, the logs are the evidence of how a system was accessed or attacked, and in what order.
Best Practices for Audit logs
Ekyam ensures that the audit logs are used effectively to support compliance requirements and to record incident response.
- Immutability: The logs are tamper-evident and append-only (write-once), as required by the compliance standards we follow. Once an event is recorded via GCP Cloud Audit Logs, the entry cannot be altered, so the audit trail can be relied on for forensic analysis and compliance verification. Note that Admin Activity audit logs are always written, whereas Data Access audit logs are disabled by default for most services and must be enabled explicitly for the access events that need to be recorded.
- Centralized Storage: Ekyam uses GCP Cloud Audit Logs to store infrastructure, application, and access events in a secure, centralized location. Because the log store is separate from the systems that generate the events, the records remain intact even if a source system is compromised, and analysis and auditing can be performed in one place.
- Real-Time Monitoring: Ekyam continuously monitors the logs for suspicious authentication attempts and unauthorized configuration changes. When such an event is observed, an alert is triggered automatically to notify the security team, which reduces the time taken to detect a threat.
- Regular Reviews: The Ekyam security team conducts scheduled reviews of the log data. This analysis helps to identify security threats and unauthorized access that automated alerting may have missed.
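The following is an added example, not code from Ekyam or from GCP, of the kind of detection logic the Real-Time Monitoring practice above describes. It parses a handful of constructed Cloud Audit Logs entries (the LogEntry/AuditLog JSON shape, with made-up project, principals and IPs) and applies three rules: an IAM policy change by a principal outside an assumed admin allow-list, a change to the logging configuration itself, and a burst of PERMISSION_DENIED responses from one principal. The allow-list, threshold and window are assumptions for the example, not Ekyam settings.

```python
"""Detection rules over constructed GCP Cloud Audit Logs entries (added example)."""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample entries (one LogEntry JSON object per line). Not real data:
# the project, principals and IP addresses are invented for this example.
SAMPLE_LOG = """
{"timestamp":"2024-05-01T10:00:00Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Factivity","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"cloudresourcemanager.googleapis.com","methodName":"SetIamPolicy","resourceName":"projects/demo-proj","authenticationInfo":{"principalEmail":"alice@example.com"},"requestMetadata":{"callerIp":"203.0.113.10"},"status":{}}}
{"timestamp":"2024-05-01T10:00:05Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"storage.googleapis.com","methodName":"storage.objects.get","resourceName":"projects/_/buckets/finance-exports","authenticationInfo":{"principalEmail":"bob@example.com"},"requestMetadata":{"callerIp":"198.51.100.7"},"status":{"code":7,"message":"PERMISSION_DENIED"}}}
{"timestamp":"2024-05-01T10:00:20Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"storage.googleapis.com","methodName":"storage.objects.get","resourceName":"projects/_/buckets/hr-backups","authenticationInfo":{"principalEmail":"bob@example.com"},"requestMetadata":{"callerIp":"198.51.100.7"},"status":{"code":7,"message":"PERMISSION_DENIED"}}}
{"timestamp":"2024-05-01T10:00:40Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"storage.googleapis.com","methodName":"storage.objects.list","resourceName":"projects/_/buckets/hr-backups","authenticationInfo":{"principalEmail":"bob@example.com"},"requestMetadata":{"callerIp":"198.51.100.7"},"status":{"code":7,"message":"PERMISSION_DENIED"}}}
{"timestamp":"2024-05-01T10:01:30Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Factivity","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"cloudresourcemanager.googleapis.com","methodName":"SetIamPolicy","resourceName":"projects/demo-proj","authenticationInfo":{"principalEmail":"svc-deploy@demo-proj.iam.gserviceaccount.com"},"requestMetadata":{"callerIp":"198.51.100.7"},"status":{}}}
{"timestamp":"2024-05-01T10:02:00Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Factivity","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"logging.googleapis.com","methodName":"google.logging.v2.ConfigServiceV2.DeleteSink","resourceName":"projects/demo-proj/sinks/central-siem","authenticationInfo":{"principalEmail":"bob@example.com"},"requestMetadata":{"callerIp":"198.51.100.7"},"status":{}}}
{"timestamp":"2024-05-01T10:03:00Z","logName":"projects/demo-proj/logs/cloudaudit.googleapis.com%2Fdata_access","protoPayload":{"@type":"type.googleapis.com/google.cloud.audit.AuditLog","serviceName":"storage.googleapis.com","methodName":"storage.objects.get","resourceName":"projects/_/buckets/public-assets","authenticationInfo":{"principalEmail":"alice@example.com"},"requestMetadata":{"callerIp":"203.0.113.10"},"status":{}}}
"""

# Assumed tuning for the example (not Ekyam settings): who may change IAM
# bindings, and how many PERMISSION_DENIED responses in what window count as probing.
ALLOWED_IAM_ADMINS = {"alice@example.com"}
DENIED_THRESHOLD = 3
DENIED_WINDOW = timedelta(seconds=60)
# Logging API methods that can weaken the audit trail itself (sinks, exclusions).
LOG_TAMPER_METHODS = {
    "google.logging.v2.ConfigServiceV2.DeleteSink",
    "google.logging.v2.ConfigServiceV2.UpdateSink",
    "google.logging.v2.ConfigServiceV2.CreateExclusion",
}
AUDIT_LOG_TYPE = "type.googleapis.com/google.cloud.audit.AuditLog"


def parse_entries(text):
    """Parse newline-delimited LogEntry JSON into dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def _ts(entry):
    """Parse the RFC 3339 timestamp; 'Z' is rewritten so fromisoformat accepts it."""
    return datetime.fromisoformat(entry["timestamp"].replace("Z", "+00:00"))


def detect(entries):
    """Run the three rules over entries in time order; return a list of alert dicts."""
    alerts = []
    denied = defaultdict(deque)  # principal -> timestamps of recent denials
    for e in sorted(entries, key=_ts):
        p = e.get("protoPayload", {})
        if p.get("@type") != AUDIT_LOG_TYPE:
            continue  # not a Cloud Audit Logs entry
        principal = p.get("authenticationInfo", {}).get("principalEmail", "<unknown>")
        method = p.get("methodName", "")
        base = {
            "time": e["timestamp"],
            "principal": principal,
            "ip": p.get("requestMetadata", {}).get("callerIp"),
            "method": method,
            "resource": p.get("resourceName"),
        }

        # Rule 1: IAM policy changed by a principal outside the admin allow-list.
        if method.lower().endswith("setiampolicy") and principal not in ALLOWED_IAM_ADMINS:
            alerts.append({**base, "rule": "unauthorized_iam_change"})

        # Rule 2: logging configuration changed; an attacker blinding monitoring
        # would do this, so it is alerted regardless of who did it.
        if method in LOG_TAMPER_METHODS:
            alerts.append({**base, "rule": "logging_config_change"})

        # Rule 3: burst of PERMISSION_DENIED (gRPC status code 7) from one
        # principal inside the window. Fires once, when the threshold is reached.
        if p.get("status", {}).get("code") == 7:
            now = _ts(e)
            q = denied[principal]
            q.append(now)
            while q and now - q[0] > DENIED_WINDOW:
                q.popleft()
            if len(q) == DENIED_THRESHOLD:
                alerts.append({**base, "rule": "permission_denied_burst", "count": len(q)})
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_entries(SAMPLE_LOG)):
        print(alert["time"], alert["rule"], alert["principal"], alert["method"])
```

On the sample data this raises three alerts: the denied burst from bob at 10:00:40, the SetIamPolicy call by the service account at 10:01:30, and bob's deletion of the `central-siem` sink at 10:02:00. Alice's own SetIamPolicy and successful object read produce nothing. In production the same rules would run over a log sink feeding a SIEM or Pub/Sub subscription rather than a string, and the sink-deletion rule is the one worth watching most closely, since it is the change that would stop the others from ever firing.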