Privacy management as a platform provider

It is clear that having a server exposed to the internet results in attempted attacks, and the people performing these want to stay hidden. How do you collect enough info about malicious individuals attempting to avoid detection, without also logging that activity for your normal well behaved users who want their privacy?

The only thing I can think of off the top of my head is clearing logs regularly when a serious incident hasn’t occurred in a while. I think certain IDSs have the ability to limit logging to certain events as well, but I don’t know enough about that.

1 Like

Yeah, seems like clearing logged data will be an important step.