Welcome!

Government Cloud Authors: Elizabeth White, Pat Romanski, Dana Gardner, Liz McMillan, Gopala Krishna Behara

Related Topics: @DevOpsSummit, Linux Containers, Agile Computing, @CloudExpo, Apache

@DevOpsSummit: Blog Post

Best Practices for Cloud Logging and Data Security By @TrevParsons | @DevOpsSummit [#DevOps]

Best Practices for Cloud Logging, Security, & Data Protection

Best Practices for Cloud Logging, Security, & Data Protection

This article originally published on the Logentries Blog.

When we first founded Logentries in 2010 a lot of people thought Viliam Holub (co-founder, CTO, and the brain behind processing billions and billions of log events in real time) and I were crazy. The common response was:

"People are not going to send their logs to the cloud... logs might contain very sensitive data..."

Like typical stubborn founders we persevered in spite of this, and today we have more than 35,000 users across 100 countries. Our customers also range from fortune 100 companies to individual developers across almost all verticals from SaaS companies, to healthcare, financial services, commerce and a bunch of others.

So, why do companies now trust sending log data to a cloud based service?  Id like to share some of the reasons we have found our customers are using secure, cloud-based logging.


  • For on-prem workloads: Your logs may be a lot safer in the cloud than they are on-premise. Cloud vendors like AWS, Google, Microsoft invest heavily in security and have hardcore security teams looking out for you. For example the level of security provided in Amazon's cloud platform is described in more detail here. Furthermore your logging provider should be looking out for you by making sure data is encrypted on the wire, sensitive data is stripped out before it leaves your network, and encrypting data at rest. It's unlikely that your homegrown logging solution will have your data locked down quite so securely, at least not without significant investment.
  • Sending logs to a remote location can be a MORE secure option: With cloud-based logging your logs are stored remotely from your running systems. This is recommended as a security best practice; if your system is compromised, a hacker will often delete the logs on your local system to remove any evidence of his/her activity. By storing your logs remotely this cannot be performed as you will have a redundant copy of the log data at Logentries.

As you consider moving your log management and analytics to the cloud, here are our five best practices you should look for from log management service to assure security:

  1. Website Integrity: A good indicator of how serious a company takes it's security is how it deals with website integrity. For cloud services this is often the gateway to your data. For example at Logentries we we redirect all web HTTP requests to our website to HTTPS. This ensures the integrity of the Logentries website by using SSL authentication between the Customer and the Logentries web interface. The Logentries service must show a valid SSL certificate to each Customer to initiate this link. Perfect Forward Secrecy is also used on our web servers for HTTPS. In addition to the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all a users' encrypted traffic, and they later crack or steal Logentries private keys, by using perfect forward secrecy they should not be able to use those keys to decrypt the recorded traffic at a point in the future.
  2. What if I have sensitive data in my logs: While it's usually a not a good idea to write PII or sensitive data to your logs, it is not always unavoidable and in some cases it can occur inadvertently or as a result of an oversight. Having the ability to search for and filter out/redact/obfuscate sensitive data from your logs is a key requirement for many organizations. The Logentries Datahubhas been designed with this in mind so that you can easily filter out and redact any sensitive data before it leaves your network. It has been designed in conjunction with a number of our customers who have data protection and security requirements and in particular for those who require PCI, HIPPA or similar audits.
  3. Is your data encrypted on the wire: Sending your logs is the clear is rarely a good idea. Data sent to a cloud logging service should be done so via SSL so that it is encrypted on the wire. You should check if your log forwarding agent/collector or syslog setup is configured to support this.
  4. Is your data encrypted at rest: Data at rest should also be encrypted. I.e any data you send to a cloud service should be encrypted when it sits on disk in the cloud environment. Ask your logging provider if this is the case and what encryption they are using for this.
  5. Where does your data reside: Check where your logs actually reside. Are they in a SOC 2 compliant data center? How is it protected? What jurisdiction is it in and what are the data protection policies in that jurisdiction.

Want to learn more or chat with a cloud logging expert? Get started with a free 30-day trial here, or contact us at [email protected]

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

IoT & Smart Cities Stories
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the tec...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and G...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...