I’m digesting the 2009 Data Breach Investigations Report from Verizon Business. If you haven’t read it, I highly recommend you do so now.

I will likely focus on several different elements of this report in coming weeks. For now, it’s about the logs. In the data breaches examined in 2008, many could have been mitigated much, much sooner if only some log analysis was being performed.

That is, in many cases, early detection would have massively reduced the number of data records breached, and this detection would have been likely had anybody been doing some basic log file analysis. You can’t catch every intrusion that way, and things can still be overlooked, but it is also a shame to discover a breach that has lasted six months when it was plainly visible in the standard log files. And in many breaches, this was in fact the case.

Cover the basics in server security–even that will mitigate a large portion of data breach damage. Start by checking the log files.