Welcome!

@DevOpsSummit Authors: Pat Romanski, Jason Bloomberg, Liz McMillan, Yeshim Deniz, Zakia Bouachraoui

Related Topics: @DevOpsSummit, Linux Containers, Agile Computing, @CloudExpo, Apache

@DevOpsSummit: Blog Post

Best Practices for Cloud Logging and Data Security By @TrevParsons | @DevOpsSummit [#DevOps]

Best Practices for Cloud Logging, Security, & Data Protection

Best Practices for Cloud Logging, Security, & Data Protection

This article originally published on the Logentries Blog.

When we first founded Logentries in 2010 a lot of people thought Viliam Holub (co-founder, CTO, and the brain behind processing billions and billions of log events in real time) and I were crazy. The common response was:

"People are not going to send their logs to the cloud... logs might contain very sensitive data..."

Like typical stubborn founders we persevered in spite of this, and today we have more than 35,000 users across 100 countries. Our customers also range from fortune 100 companies to individual developers across almost all verticals from SaaS companies, to healthcare, financial services, commerce and a bunch of others.

So, why do companies now trust sending log data to a cloud based service?  Id like to share some of the reasons we have found our customers are using secure, cloud-based logging.


  • For on-prem workloads: Your logs may be a lot safer in the cloud than they are on-premise. Cloud vendors like AWS, Google, Microsoft invest heavily in security and have hardcore security teams looking out for you. For example the level of security provided in Amazon's cloud platform is described in more detail here. Furthermore your logging provider should be looking out for you by making sure data is encrypted on the wire, sensitive data is stripped out before it leaves your network, and encrypting data at rest. It's unlikely that your homegrown logging solution will have your data locked down quite so securely, at least not without significant investment.
  • Sending logs to a remote location can be a MORE secure option: With cloud-based logging your logs are stored remotely from your running systems. This is recommended as a security best practice; if your system is compromised, a hacker will often delete the logs on your local system to remove any evidence of his/her activity. By storing your logs remotely this cannot be performed as you will have a redundant copy of the log data at Logentries.

As you consider moving your log management and analytics to the cloud, here are our five best practices you should look for from log management service to assure security:

  1. Website Integrity: A good indicator of how serious a company takes it's security is how it deals with website integrity. For cloud services this is often the gateway to your data. For example at Logentries we we redirect all web HTTP requests to our website to HTTPS. This ensures the integrity of the Logentries website by using SSL authentication between the Customer and the Logentries web interface. The Logentries service must show a valid SSL certificate to each Customer to initiate this link. Perfect Forward Secrecy is also used on our web servers for HTTPS. In addition to the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all a users' encrypted traffic, and they later crack or steal Logentries private keys, by using perfect forward secrecy they should not be able to use those keys to decrypt the recorded traffic at a point in the future.
  2. What if I have sensitive data in my logs: While it's usually a not a good idea to write PII or sensitive data to your logs, it is not always unavoidable and in some cases it can occur inadvertently or as a result of an oversight. Having the ability to search for and filter out/redact/obfuscate sensitive data from your logs is a key requirement for many organizations. The Logentries Datahubhas been designed with this in mind so that you can easily filter out and redact any sensitive data before it leaves your network. It has been designed in conjunction with a number of our customers who have data protection and security requirements and in particular for those who require PCI, HIPPA or similar audits.
  3. Is your data encrypted on the wire: Sending your logs is the clear is rarely a good idea. Data sent to a cloud logging service should be done so via SSL so that it is encrypted on the wire. You should check if your log forwarding agent/collector or syslog setup is configured to support this.
  4. Is your data encrypted at rest: Data at rest should also be encrypted. I.e any data you send to a cloud service should be encrypted when it sits on disk in the cloud environment. Ask your logging provider if this is the case and what encryption they are using for this.
  5. Where does your data reside: Check where your logs actually reside. Are they in a SOC 2 compliant data center? How is it protected? What jurisdiction is it in and what are the data protection policies in that jurisdiction.

Want to learn more or chat with a cloud logging expert? Get started with a free 30-day trial here, or contact us at [email protected]

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@DevOpsSummit Stories
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In their Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, and Mark Lavi, a Nutanix DevOps Solution Architect, explored the ways that Nutanix technologies empower teams to react faster than ever before and connect teams in ways that were either too complex or simply impossible with traditional infrastructures.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereum.
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in multiple vertical markets. Our delegate profiles can be located in our show prospectus.
In today's always-on world, customer expectations have changed. Competitive differentiation is delivered through rapid software innovations, the ability to respond to issues quickly and by releasing high-quality code with minimal interruptions. DevOps isn't some far off goal; it's methodologies and practices are a response to this demand. The demand to go faster. The demand for more uptime. The demand to innovate. In this keynote, we will cover the Nutanix Developer Stack. Built from the foundation of software-defined infrastructure, Nutanix has rapidly expanded into full application lifecycle management across any infrastructure or cloud .Join us as we delve into how the Nutanix Developer Stack makes it easy to build hybrid cloud applications by weaving DBaaS, micro segmentation, event driven lifecycle operations, and both financial and cloud governance together into a single unified st...