Standards Group:
YALE-MSS-13: Logging
YALE-MSS-13.2: Log all authentication events
Low Risk Endpoint
Not Required
Moderate Risk Endpoint
Required
High Risk Endpoint
Required
Low Risk Server
Not Required
Moderate Risk Server
Required
High Risk Server
Required
Low Risk Mobile Device
Not Required
Moderate Risk Mobile Device
Not Required
High Risk Mobile Device
Not Required
Low Risk Network Printer
Not Required
Moderate Risk Network Printer
Not Required
High Risk Network Printer
Not Required
Details
Authentication logging is critical for monitoring systems and responding to incidents.
This standard is met by using Yale's Single Sign On (SSO).
Log all authentication and privilege escalation events. Authentication logs must include:
- Who attempted to access a resource
- Which resource the attempt was for (destination)
- When the attempt was made
- Where the attempt came from (source)
- Whether the attempt was successful