OreillyMultiCloudFinalEBOOK

Issue link: https://hub.dyn.com/i/1119883

panies routinely miss alerts or don't respond to alerts in a timely fashion, leading to costly data loss or exposure. Security monitoring adds yet another layer of complexity.

But the good news is that security monitoring is very manageable. Although it's not easy to implement, it can be done. And many organizations today are successfully monitoring their applications for attacks and other security incidents.

It begins with understanding the event logging capabilities of the infrastructure in use in the multicloud environment. If you are starting from scratch, this is easy because you can ensure that all systems or vendors being deployed meet strict logging requirements that you set. Those requirements should consist of things like:

• Consistent event logging with clear explanation of events
• A way to access logs remotely, either through Syslog, an API, or another standard logging interface
• A well-defined log structure so that it is easy to develop new collectors
• Compatibility with log aggregate tools used by the organization

If a vendor cannot meet these requirements and others that might be specific to your organization, choose another one whenever possible.

Of course, even new multicloud deployments might involve the use of legacy systems. These systems might not meet the requirements you outline. In these cases, you need to ensure that the compensating controls from other security systems can provide your team with the same types of information.

Remember that it's important to standardize on a log aggregate tool. This will help you avoid the prospect of having to manage the security of dozens or hundreds of systems in your multicloud architecture one console at a time. Instead, you want to make sure that you are sending those logs to a centralized location so that they can be aggregated and correlated.

Of course, you might already have a log aggregate tool in place. You might use a SIEM system or an MSSP to handle your monitoring

36 | Chapter 3: Security in Multicloud Environments
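
An added example (not from the ebook) of what the logging requirements above make possible: when each source has a well-defined structure, a collector per source stays small, malformed events are rejected at intake, and events from different systems can be correlated in one place. The common schema, the host and service names, and the sample log lines are all constructed for illustration.

```python
import json
import re
from collections import defaultdict

# Common schema every collector must emit (field names are assumptions).
REQUIRED = ("time", "source", "event", "src_ip")

# RFC 5424 header: <PRI>VERSION TIMESTAMP HOSTNAME APP PROCID MSGID, then
# structured data (only the nil value "-" is handled here) and the message.
SYSLOG = re.compile(
    r"^<\d{1,3}>1 (?P<time>\S+) (?P<host>\S+) \S+ \S+ (?P<msgid>\S+) - (?P<msg>.*)$")

def from_syslog(line):
    """Collector for a Syslog source; key=value pairs in the message carry details."""
    m = SYSLOG.match(line)
    if not m:
        raise ValueError("not a supported RFC 5424 line: %r" % line)
    kv = dict(p.split("=", 1) for p in m["msg"].split() if "=" in p)
    return {"time": m["time"], "source": m["host"],
            "event": m["msgid"].lower(), "src_ip": kv.get("src")}

def from_api(record):
    """Collector for a vendor that exposes events as JSON through an API."""
    e = json.loads(record)
    return {"time": e.get("eventTime"), "source": e.get("service"),
            "event": e.get("eventName", "").lower(), "src_ip": e.get("sourceIp")}

def aggregate(events):
    """Split events into (accepted, rejected) by presence of every required field."""
    ok, bad = [], []
    for ev in events:
        (ok if all(ev.get(f) for f in REQUIRED) else bad).append(ev)
    return ok, bad

def correlate(events, event="login_failed"):
    """Source IPs that triggered `event` on more than one system."""
    seen = defaultdict(set)
    for ev in events:
        if ev["event"] == event:
            seen[ev["src_ip"]].add(ev["source"])
    return {ip: sorted(s) for ip, s in seen.items() if len(s) > 1}

# Constructed sample input (documentation IP range); the last event lacks a source IP.
SAMPLE = [
    from_syslog("<86>1 2024-05-01T10:00:00Z vpn-gw authd 411 LOGIN_FAILED - user=alice src=203.0.113.7"),
    from_api('{"eventTime": "2024-05-01T10:00:05Z", "service": "cloud-b-iam", '
             '"eventName": "LOGIN_FAILED", "sourceIp": "203.0.113.7"}'),
    from_api('{"eventTime": "2024-05-01T10:01:00Z", "service": "cloud-b-iam", '
             '"eventName": "LOGIN_FAILED"}'),
]
```

Calling `aggregate(SAMPLE)` and passing the accepted events to `correlate` flags the one address seen failing logins on both systems; the rejected list is where a source that does not meet the logging requirements shows up.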
