Do you cringe when PCI and SOX auditors knock on your doors and ask questions like: "Who created that user?" "When was privileged access granted?" "Who accessed this data?" or "Who changed the configuration?"
At the Log Management Session at CA World 2010, panelists agreed that compliance reporting requirements impose enormous financial and operational burdens on organizations. They agreed that while requirements change every so often, the fundamentals of meeting compliance demands remain the same - implement controls and verify their effectiveness. One area of need that many find very challenging is user activity analysis and reporting. As the panelists' war-room stories unfolded, it was clear that reporting, investigating what users do with their access and identifying control weaknesses over time wear them out in more ways than one.
It was clear in the panel discussion that organizations today have "crossed the chasm" of rudimentary logging practices. They now demand better uses for the logs that they collect. The 2010 SANS Log Management survey proves this point: organizations leverage logs for user activity analysis, compliance reporting and enhancing their security and IT operations.
User activity and compliance reporting for identity, access and data usage enable efficient controls validation. The ability to report trends can expose emerging problems or control deficiencies that need to be proactively managed. User activity and compliance reporting turn siloed user activity data into consolidated reports and expedite root cause analysis. As a result, organizations get faster time-to-value and are able to simplify compliance and accelerate security investigations.
The audience pointed out that in today's tough economic climate organizations pay closer attention to cost savings and improved efficiencies. Predefined reports that are already mapped to PCI, SOX, FISMA, HIPAA, Basel II, ISO2700x and others can improve efficiencies and relieve organizations of mundane research and reporting tasks. Making reports accessible to CSOs alongside other security metrics in their custom portal provides greater decision support. Trend reporting and automatic report updates, in turn, can help organizations verify controls over time and keep up with changing reporting requirements, respectively.
One thing was made clear: compliance will continue to be a key business driver. Expect new regulatory controls and anticipate the directive for user activity and compliance reporting alongside these regulations. Additionally, technology trends like virtualization and the cloud will effect change at a faster pace going forward as organizations increasingly embrace these innovations and their security concerns subside.
The final word from the panel: Act now and put in place the right people, tools and processes to efficiently verify your security controls and take control of your users' activities across physical, virtualized and cloud environments.