Government agencies back Syslog

       Government agencies have gathered to push efforts to set the Syslog standard to counter the falsely claimed compliance solutions endorsed by them. The agencies also hope that the electronic evidence from the compliance that passes the standard will be fully used in court.
       Dr Kamol Uahchinkul, researcher at the National Electronics and Computer Technology Centre, said the agency finalised NTS 4003.1-2552 Computer Log Systems Part 1 Requirement and NTS 4003.2-2552 Computer Log Systems Part 2 Systems and Auditing Guidelines to promote quality in the Syslog Solution to comply with the Computer Crime Act B.E.2550.
       This standard can help reduce the problem of false claims because there are some selling compliance solutions of the Computer Crime Act B.E.2550 to overcome their solutions that get certified by Nectec and government agencies to mark-up prices and reduce unqualified solutions that do not comply with the Computer Crime Act B.E.2550.
       In the first part, the content covering minimum requirements for Syslog, such as secure solutions, automatic alert detection systems while for the second part more in-depth solution levels covering small, medium, large enterprise levels.
       For testing or certification purposes,it should not take more than one week and a 10,000 baht fee for medium solution. If there are a lot of solutions to be certified, Nectec will be open for other companies who can certify the products as well.
       "We experience lots of solutions out there after the law enforcement to keep files for at least 90 days for investigation and tracing back as well as to use as evidence in court, but some vendors sell software that can keep log files without secure access or change the log file which weakens the solution data which we cannot use as evidence in court,"said Dr Kamol.
       After announcing the Nectec standard,this will be submitted to the Thai Industrial Standards Institute for approval as a National Standard which is expected to take between 2 to 4 months and is open to foreign vendors as well.
       Meanwhile Ajin Jirapattana, Executive Director, ICT Industry Promotion Bureau,the Information and Communication Technology ministry, said the minister will use the Nectec standard as a guideline for all government agencies to bid for the solution to comply with the Computer Crime Act B.E.2550.
       Dr Kamol added that the announcement in Thai Industrial Standard or TIS under the Regulation of the Office of the Prime Minister on Procurement 1992 if there are more than three local companies that can get Thai standard, the government agencies have to specify only TIS in Terms of Reference and allow agencies to buy products from companies who certify TIS which has a price higher than others of around 5 percent.
       SIPA, Open Source Department Manager, Paitoon Butri said open source companies who offer Syslog solution that comply with Nectec are IT Bakery,SGC Network and Softnix Technology.