Like many important things in life, security is one of those items that you shouldn’t just “set it and forget it”. Part of having a holistic security system is to monitor your systems for various indicators. You will want to monitor for system activity because you want to be proactive and understand the changes on your system. Don’t put your head in the sand and hope everything will be okay.
Here are some reasons for why you should monitor your systems:
- What if an attacker was trying to brute force login into your system and you didn’t have a control in place to block them. How would you know if they succeeded or not?
- What if there was a vulnerability on your site and an attacker uploaded code to have a backdoor in your system. If you didn’t have a system to alert you to changes, how would you know anything changed?
- What if you were just trying to change a setting and your whole website broke because of a couple changes you did, but you couldn’t remember what you exactly did? If these actions weren’t logged, then you wouldn’t have the ability to go back and review what happened.