-------------------------------------------------------------------------------------------------

Security Monitoring

1 OBJECTIVE

This policy defines the monitoring and logging framework necessary to deter and / or detect improper
behavior, to foster user accountability, and to allow expedient systems management. All user activities
affecting production information have to be monitored and logged in a re -constructible manner. These logs
are important for error correction, forensic auditing, security breach investigations, and related e fforts.

2 SCOPE

This policy covers all information and associated IT infrastructure and facility management services within
Goldstone Technologies facilities

3 APPLICABILITY

This policy is applicable to all types of user accesses to information, associated IT infrastructure and facility
management services.

4 HIGH LEVEL POLICY

Goldstone has the right to monitor employees’ and contractors’ use of information, associated IT
infrastructure and facility management services at its discretion, and shall install m onitoring
systems to deter and / or detect misuse and intrusions on all key systems and network boundaries

5 DETAILED POLICY

 All critical network devices such as routers, switches, servers and services shall be configured to
monitor and log system events and performance. The use of information systems shall be
monitored regularly for all unexpected events.

 For the logged information to be consistent and meaningful, all the critical monitored devices
such as servers, routers, switches, firewalls, IDS etc. shall have their system clocks synchronized.

 GTL shall periodically audit and regularly review all recorded logs of monitored events.

 Computerized logs containing security relevant events shall be retained for at least three (3)
months or till such time as the audits are conducted. During this period, such logs shall be
securely stored and its access available only to authorized persons.

 Computerized records reflecting the access privileges of each Information system and IT asset
user of Goldstone shall be securely maintained for a reasonable period of time.

 To provide evidence for investigation, prosecution and disciplinary action, certain information
shall be immediately captured whenever a computer crime or misuse is suspected. The relevant

Page 1
-------------------------------------------------------------------------------------------------
information will be securely stored off-line. This will be handled as per the Incident management
procedure.

 Monitoring and logging devices and software shall be protected from unauthorized use and other
internal or external attacks that may deactivate the logging process and / or modify or delete the
logs themselves.

 A formal log rotation and archival process shall be employed for all network periphery security
systems (such as firewalls) and all multi-user application/production servers.

 Users shall be clearly informed which actions constitute security violations. Users shall also be informed that
such violations shall be logged.

 The company retains the right, to report any illegal activities to the appropriate authorities.

6 ROLES & RESPONSIBILITIES

Information Security Group Policy Ownership, Development and Maintenance

Compliance audit & risk reviews

GIM Procedures & guidelines creation and maintenance for monitoring.

Access authorization
Incident response and report creation; review logs

Page 2