cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Newcomer I

out of the country metadata logging

My MSSP is moving its data center out of the country.  They say it is only metadata.  I understand metadata is just data about the data however, for a company that has a policy that states all data must remain the US I am finding difficult to move forward.  Does anyone know if any articles that cover this topic? 

 

Thanks  

1 Solution

Accepted Solutions
Highlighted
Community Champion

Re: out of the country metadata logging

> Mik3 (Viewer III) posted a new topic in Tech Talk on 08-21-2018 12:49 PM in the

> My MSSP is moving its data center out of the country.

Which country? The US? You may end up better off. They'll probably be
moving to a jurisdiction that does have privacy laws ...

>  They say it is only
> metadata.  I understand metadata is just data about the data

Well, "metadata" is one of those terms that's sort of loosely defined. Maybe they
don't store the actual contents of the attack packets, but they do have the count
and all the IP addresses that have attacked you?

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
What you see and hear depends a good deal on where you are
standing; it also depends on what sort of person you are.
- Clive Staples Lewis
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
2 Replies
Highlighted
Community Champion

Re: out of the country metadata logging

> Mik3 (Viewer III) posted a new topic in Tech Talk on 08-21-2018 12:49 PM in the

> My MSSP is moving its data center out of the country.

Which country? The US? You may end up better off. They'll probably be
moving to a jurisdiction that does have privacy laws ...

>  They say it is only
> metadata.  I understand metadata is just data about the data

Well, "metadata" is one of those terms that's sort of loosely defined. Maybe they
don't store the actual contents of the attack packets, but they do have the count
and all the IP addresses that have attacked you?

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
What you see and hear depends a good deal on where you are
standing; it also depends on what sort of person you are.
- Clive Staples Lewis
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Community Champion

Re: out of the country metadata logging

From experience:  this comes down to the value of the metadata and its significance including that of source IP addresses, destinations, host names and any indicator of compromise i.e. security events transferred and what giveaways it provides.    A Government agency may have a particular perspective, but even then there is movement towards the use of public cloud in some circumstances./

 

It's a risk management decision, once people understand the value of the metadata and whether it is being encrypted in transit or exposed to the world for all and sundry to see.   And who is handling and protecting it.

 

Regards

Caute_cautim