Implementing a SIEM in Alfresco ?

Meffapefecy — Sun, 22 Jan 2023 09:58:24 GMT

Hello to all,

I am looking for the best solution to answer the following needs:

A new Swiss law will come into force in September 2023. It will oblige information systems to be able to report that a user has accessed the data.
The objective is to set up a SIEM (Security Information and Event Management Solution).

Thus, a solution is needed that allows to:

Logging of at least the following personal data operations (Art. 3, para. 2):

Registration
Modification
Reading
Communication
Deletion

The logbook must provide information on (Art. 3, para. 3)

the nature of the processing
the identity of the person who carried out the processing
the identity of the recipient
the time at which the processing took place

Also, logs must be kept for 1 year separately from the system in which the personal data are processed.

So I wanted to know if there is already an existing solution in Alfresco (on an Alfresco 4.2 Community version) or if it was necessary to develop a custom solution? And if a custom solution needs to be developed, what would be the best solution to meet the needs and limit the impact on the application's operation?

For information: The two laws are: New Federal Law on Data Protection (nLPD) and new Ordinance on the Federal Law on Data Protection (nOLPD)

PS: This is my first topic created here. I hope I'm not in the wrong forum but if I am, I'm sorry for that

Re: Implementing a SIEM in Alfresco ?

openpj — Mon, 23 Jan 2023 08:38:39 GMT

There are two solutions for your requirements:

Enable the Alfresco Audit Engine including all your needed information by default
Implement your own logging solution as an Alfresco extension

Alfresco Audit Engine:

https://docs.alfresco.com/content-services/community/admin/audit/

topic Implementing a SIEM in Alfresco ? in Alfresco Forum

Implementing a SIEM in Alfresco ?

Re: Implementing a SIEM in Alfresco ?