- log management
- regulatory compliance
The AgID minimum measures and log management
The AgID minimum measures are a practical reference used to evaluate the current level of security of the Public Administration and provide indications for raising it to a higher standard. The purpose, of course, is to counter the ever-increasing and frequent cyber threats that aim to obtain sensitive data from the PA.
This document was issued in implementation of the Directive of the President of the Council of Ministers of August 1, 2015.
What do these AgID minimum measures entail?
The AgID Minimum Measures provide checklists at the level of technology, procedure, and organization of the PA to assess its level of cybersecurity and possible improvements.
The document defines three levels of quality that differ according to the complexity of the PA’s information system:
- Minimum level: every PA must comply with the requirements of this level, regardless of its organization and nature;
- Standard level: every administration should consider this level as a reference base in terms of security and represents the majority of the realities of the Italian PA;
- Advanced level: it should be adopted by organizations that are most exposed to risks (for example, for the criticality of the information processed or the services provided), but should also be seen as an objective by all other organizations.
This reference document is an excellent guide, especially for small-sized PA, which has more difficulty getting help from external professionals for the budgets managed. It also allows you to:
- have an operational reference that can be directly used (checklist);
- establish a common base of indispensable technical and organizational measures;
- have a useful tool to verify the state of protection against cyber threats and be able to trace a path of improvement;
- make the Administrations responsible for the need to improve and maintain their level of cybersecurity.
Finally, it establishes that the adaptation to these measures is the responsibility of the person in charge of the structure for organization, innovation, and technologies, as indicated in the CAD (art. 17) or alternatively of the designated manager.
What do logs have to do with all of this?
Within the AgID minimum measures, there are several tables that identify the controls (or improvements) to be made for various topics.
In particular, within the section “Appropriate use of administrator privileges: Rules, processes, and tools aimed at ensuring the correct use of privileged users and administrative rights,” explicit reference is made to the traceability of logs for failed access by system administrators, the generation of alerts, monitoring of anomalous behaviour on ADS users, and traceability of changes to system administrator users. You can read the full document at this link.
HTS is available to provide more information on log management and AgID minimum measures. Fill out the form below!