Welcome!

@DevOpsSummit Authors: Elizabeth White, Zakia Bouachraoui, Liz McMillan, Pat Romanski, Roger Strukhoff

Related Topics: @DevOpsSummit, Linux Containers, Agile Computing, @CloudExpo, Apache

@DevOpsSummit: Blog Post

Best Practices for Cloud Logging and Data Security By @TrevParsons | @DevOpsSummit [#DevOps]

Best Practices for Cloud Logging, Security, & Data Protection

Best Practices for Cloud Logging, Security, & Data Protection

This article originally published on the Logentries Blog.

When we first founded Logentries in 2010 a lot of people thought Viliam Holub (co-founder, CTO, and the brain behind processing billions and billions of log events in real time) and I were crazy. The common response was:

"People are not going to send their logs to the cloud... logs might contain very sensitive data..."

Like typical stubborn founders we persevered in spite of this, and today we have more than 35,000 users across 100 countries. Our customers also range from fortune 100 companies to individual developers across almost all verticals from SaaS companies, to healthcare, financial services, commerce and a bunch of others.

So, why do companies now trust sending log data to a cloud based service?  Id like to share some of the reasons we have found our customers are using secure, cloud-based logging.


  • For on-prem workloads: Your logs may be a lot safer in the cloud than they are on-premise. Cloud vendors like AWS, Google, Microsoft invest heavily in security and have hardcore security teams looking out for you. For example the level of security provided in Amazon's cloud platform is described in more detail here. Furthermore your logging provider should be looking out for you by making sure data is encrypted on the wire, sensitive data is stripped out before it leaves your network, and encrypting data at rest. It's unlikely that your homegrown logging solution will have your data locked down quite so securely, at least not without significant investment.
  • Sending logs to a remote location can be a MORE secure option: With cloud-based logging your logs are stored remotely from your running systems. This is recommended as a security best practice; if your system is compromised, a hacker will often delete the logs on your local system to remove any evidence of his/her activity. By storing your logs remotely this cannot be performed as you will have a redundant copy of the log data at Logentries.

As you consider moving your log management and analytics to the cloud, here are our five best practices you should look for from log management service to assure security:

  1. Website Integrity: A good indicator of how serious a company takes it's security is how it deals with website integrity. For cloud services this is often the gateway to your data. For example at Logentries we we redirect all web HTTP requests to our website to HTTPS. This ensures the integrity of the Logentries website by using SSL authentication between the Customer and the Logentries web interface. The Logentries service must show a valid SSL certificate to each Customer to initiate this link. Perfect Forward Secrecy is also used on our web servers for HTTPS. In addition to the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all a users' encrypted traffic, and they later crack or steal Logentries private keys, by using perfect forward secrecy they should not be able to use those keys to decrypt the recorded traffic at a point in the future.
  2. What if I have sensitive data in my logs: While it's usually a not a good idea to write PII or sensitive data to your logs, it is not always unavoidable and in some cases it can occur inadvertently or as a result of an oversight. Having the ability to search for and filter out/redact/obfuscate sensitive data from your logs is a key requirement for many organizations. The Logentries Datahubhas been designed with this in mind so that you can easily filter out and redact any sensitive data before it leaves your network. It has been designed in conjunction with a number of our customers who have data protection and security requirements and in particular for those who require PCI, HIPPA or similar audits.
  3. Is your data encrypted on the wire: Sending your logs is the clear is rarely a good idea. Data sent to a cloud logging service should be done so via SSL so that it is encrypted on the wire. You should check if your log forwarding agent/collector or syslog setup is configured to support this.
  4. Is your data encrypted at rest: Data at rest should also be encrypted. I.e any data you send to a cloud service should be encrypted when it sits on disk in the cloud environment. Ask your logging provider if this is the case and what encryption they are using for this.
  5. Where does your data reside: Check where your logs actually reside. Are they in a SOC 2 compliant data center? How is it protected? What jurisdiction is it in and what are the data protection policies in that jurisdiction.

Want to learn more or chat with a cloud logging expert? Get started with a free 30-day trial here, or contact us at [email protected]

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@DevOpsSummit Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected path for IoT innovators to scale globally, and the smartest path to cross-device synergy in an instrumented, connected world.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of the world’s largest data centers. Click here to schedule a meeting with our experts and executives.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the modern business digitalization solutions. Achieve up to 50% early-stage technological process development cost cutdown with science and R&D-driven investment strategy with Codete's support.
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives.