Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Mik3
Newcomer I
‎08-21-2018 12:49 PM
‎08-21-2018 12:49 PM

out of the country metadata logging

My MSSP is moving its data center out of the country.  They say it is only metadata.  I understand metadata is just data about the data however, for a company that has a policy that states all data must remain the US I am finding difficult to move forward.  Does anyone know if any articles that cover this topic? 

 

Thanks  

Reply
0 Kudos
2 Replies
rslade
Influencer II
‎08-21-2018 02:28 PM
‎08-21-2018 02:28 PM

> Mik3 (Viewer III) posted a new topic in Tech Talk on 08-21-2018 12:49 PM in the

> My MSSP is moving its data center out of the country.

Which country? The US? You may end up better off. They'll probably be
moving to a jurisdiction that does have privacy laws ...

>  They say it is only
> metadata.  I understand metadata is just data about the data

Well, "metadata" is one of those terms that's sort of loosely defined. Maybe they
don't store the actual contents of the attack packets, but they do have the count
and all the IP addresses that have attacked you?

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
What you see and hear depends a good deal on where you are
standing; it also depends on what sort of person you are.
- Clive Staples Lewis
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
Caute_cautim
Community Champion
‎08-22-2018 05:34 PM
‎08-22-2018 05:34 PM

From experience:  this comes down to the value of the metadata and its significance including that of source IP addresses, destinations, host names and any indicator of compromise i.e. security events transferred and what giveaways it provides.    A Government agency may have a particular perspective, but even then there is movement towards the use of public cloud in some circumstances./

 

It's a risk management decision, once people understand the value of the metadata and whether it is being encrypted in transit or exposed to the world for all and sundry to see.   And who is handling and protecting it.

 

Regards

Caute_cautim

 

 

Reply