[ skip to content ]

More Information about this image

Handbook and paperwork for the newly hired.

Old Dominion University

Information Technology Standard

06.6.0 Security Monitoring & Logging Standard

Date of Current Revision or Creation: November 1, 2021

The purpose of an Information Technology Standard is to specify requirements for compliance with Old Dominion University Information Technology policies, other University policies, as well as applicable laws and regulations. Standards may include business principles, best practices, technical standards, migration and implementation strategies, that direct the design, deployment and management of information technology.

  1. Purpose

    The purpose of this standard is to identify the responsibilities for security monitoring and logging of IT system activity.

  2. Definitions

    Information Security Office is the unit within the Office of Computing and Communications Services responsible for overseeing efforts to protect ODU's computing and information assets and to assist in compliance efforts with information-related laws, regulations, and policies.

    Information Security Officer (ISO) is responsible person for developing, reviewing, evaluating, and managing the University's Information Security Program.

    Logging is an essential information security control that is used to identify, respond, and prevent operational problems, security incidents, policy violations, fraudulent activity; optimize system and application performance; assist in business recovery activities; and, in many cases, comply with federal, state, and local laws and regulations.

    System Owner is the manager responsible for operation and maintenance of a University IT system.

  3. Standards Statement

    General Logging Activity

    Logging is to be enabled on all IT systems.

    Employees or other designated individuals with responsibility for logging have some flexibility in determining the detail contained in logs within their areas of responsibility. The detail of information contained in a log depends on the risks to the relevant IT resource and underlying data. However, all system logs must contain a timestamp associated to the logged event synchronized to the University's Network Timeserver (NTP.) Time Stamps should be in local time or UTC (coordinated Universal Time)

    System logs should be devoid of any unencrypted sensitive data, passwords, financial data or personally identifiable information prior to being forwarded to a log management system or any other destination. Local logs that contain sensitive data are generally acceptable as long as the logs are stored appropriately, they should not be sent to a syslog server.

    Prohibited Logging

    The use of keystroke logging, except when required for security investigations and approved in writing by the University President, or designee, is prohibited.


    System Owners and/or Application Administrators are responsible for the development and implementation of application logging capabilities and the creation and maintenance of detailed procedures for reviewing and administering the logs.

    The Information Security Officer is responsible for Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) logging.

    System Compliance Owners (formerly called System Owners) are responsible for ensuring their systems have undergone a sufficient risk review and that appropriate logs are being captured for security and compliance purposes. This includes system owners for server operating systems, network devices, desktops, administrative databases and for all BIA Immediate or Class 1 Restricted or Class 2 Confidential, Moderate Sensitivity systems.

    Information Security Office staff is responsible for monitoring security event logs, correlating information with other automated tools, identifying suspicious activities, and providing alert notifications.

    Data Center Operations staff is responsible for monitoring the production computing environment and providing alert notifications.

    The Database Administration staff is responsible for monitoring the availability and performance of the databases and for providing corrective actions and/or alert notifications.

    ITS and departmental IT application and system administrators, as well as System Compliance Owners are responsible for ensuring appropriate compliance with this standard for IT resources within their areas of responsibility and are responsible for documenting appropriate compliance.

  4. Procedures, Guidelines & Other Related Information

    University Policy 3501 - Information Technology Access Control Security Policy

    University Policy 3505 - Information Technology Security Policy

    Information Security Program

    Internal Procedures

  5. History


    Responsible Party


    December 2006



    October 2007



    October 2008



    October 2009



    October 2010



    October 2011



    September 2012



    January 2014

    IT Policy Office

    Added time stamp and sensitive data requirement.
    Added compliance.
    Revised employee titles.
    Added definitions.
    Numbering revised.
    May 2018 IT Policy Office
    Reviewed; minor wording changes, links updated
    November 2021 IT Policy Office Reviewed; definitions and links checked

Site Navigation

Experience Guaranteed

Enhance your college career by gaining relevant experience with the skills and knowledge needed for your future career. Discover our experiential learning opportunities.

Academic Days

Picture yourself in the classroom, speak with professors in your major, and meet current students.

Upcoming Events

From sports games to concerts and lectures, join the ODU community at a variety of campus events.