Implementing a SIEM in Alfresco ?

cancel
Showing results for 
Search instead for 
Did you mean: 
Meffapefecy
Member II

Implementing a SIEM in Alfresco ?

Hello to all,

I am looking for the best solution to answer the following needs:

A new Swiss law will come into force in September 2023. It will oblige information systems to be able to report that a user has accessed the data.
The objective is to set up a SIEM (Security Information and Event Management Solution).

Thus, a solution is needed that allows to:

Logging of at least the following personal data operations (Art. 3, para. 2):

  • Registration
  • Modification
  • Reading
  • Communication
  • Deletion

The logbook must provide information on (Art. 3, para. 3)

  • the nature of the processing
  • the identity of the person who carried out the processing
  • the identity of the recipient 
  • the time at which the processing took place

Also, logs must be kept for 1 year separately from the system in which the personal data are processed.

So I wanted to know if there is already an existing solution in Alfresco (on an Alfresco 4.2 Community version) or if it was necessary to develop a custom solution? And if a custom solution needs to be developed, what would be the best solution to meet the needs and limit the impact on the application's operation?

For information: The two laws are: New Federal Law on Data Protection (nLPD) and new Ordinance on the Federal Law on Data Protection (nOLPD)

PS: This is my first topic created here. I hope I'm not in the wrong forum but if I am, I'm sorry for that

1 Reply
openpj
Moderator
Moderator

Re: Implementing a SIEM in Alfresco ?

There are two solutions for your requirements:

  1. Enable the Alfresco Audit Engine including all your needed information by default
  2. Implement your own logging solution as an Alfresco extension

Alfresco Audit Engine:

https://docs.alfresco.com/content-services/community/admin/audit/