Notifiable Data Breaches (NDB) Compliance

Overview

The Notifiable Data Breaches (NDB) legislation, introduced as an amendment to the Australian Privacy Act (1988), establishes a data breach notification scheme to protect individuals' personal information. The NDB scheme requires businesses to promptly notify the Office of the Australian Information Commissioner (OAIC) and affected individuals in the event of unauthorized access, disclosure, or loss of personal information that is likely to result in serious harm to individuals. The legislation aims to empower individuals affected by data breaches and ensure transparency in the handling of personal information.

For more information, refer to the NDB Australia publication: https://www.oaic.gov.au/privacy/notifiable-data-breaches

Logcollect for NDB Compliance

Logcollect combines SIEM, log management, proactive threat hunting, and guided incident response to effectively meet the requirements outlined in NDB compliance. With comprehensive monitoring, analysis, and reporting capabilities, organizations can identify and manage their assets, establish access controls, protect resources, and respond promptly to incidents.

By leveraging Logcollect, organizations can enhance their data breach detection and response capabilities, ensure compliance with the NDB legislation, and protect personal information. This fosters customer trust, demonstrates commitment to privacy, and helps mitigate the potential harm caused by data breaches.

Using Logcollect to meet NDB Requirements

Protect against unauthorized and unlawful access, loss or damage

Monitor the entire enterprise for activity and threat information across platforms, applications, networks, security controls and endpoints to protect the security of personal data and to alert on breach or misuse.

  • Logcollect monitors and alerts on access to sensitive data sets, file shares and records. It monitors all print activity, including Doc ID, printer, user, and success or failure.
  • Logcollect continually monitors the availability and integrity of firewalls, anti-malware and IPS, and alerts on change and failure.
  • Logcollect audits and monitors all OS security groups and policy relevant to databases, apps and file shares, and alerts on additions to sensitive groups.
  • Logcollect collects logs from devices and applications and alerts on email export of personal data to unknown recipients.

Ensure and demonstrate data protection

Implement extensive and fully auditable monitoring to allow detailed querying and filtering of data, with drill-down, to enable issues to be rapidly investigated, corroborated and understood.

  • Logcollect alerts on the activity of new users and those subject to “managed risk”. It provides visualization of personal data access, and its monitoring establishes how, where and when access occurs.
  • Logcollect monitors application workflows, identifying backlogs and inappropriate processing.

Implement security to prevent unlawful access, disclosure or loss

Use security analytics to process data in real-time and identify activity or behavior indicating misuse or breach of personal data. Use dashboards to enable rapid demonstration of compliance.

  • Logcollect monitors and alerts on Windows Plug and Play (PnP) events indicating connection of removable media and devices.
  • Logcollect real-time dashboards show the Confidentiality, Integrity and Availability status of all sensitive data assets.
  • Logcollect correlates privileged user network authentication with critical business service changes likely to lead to failure. It automatically analyzes, alerts, and remediates.
  • Logcollect monitors corporate mobile devices and alerts on attempted connection to data services when out of country.

Take steps to protect against insider data abuse

Monitor use of applications and access to data across the enterprise but also monitor users, privileges and behaviors to spot unauthorized use by insiders or compromised users.

  • Logcollect monitors and alerts on Windows PnP events indicating connection of removable media and devices.
  • Logcollect monitors the connection of USB devices to the network, correlated with the current user, terminal and data, and alerts on non-compliance with policy.
  • Logcollect monitors and correlates network terminals, devices and users to identify and alert on unusual access, e.g. an account authenticating from an external IP outside business hours.
  • Logcollect monitors database workflows to identify irregular patterns of activity indicating potential user negligence or mistake.