How exciting is that? You combine 3 non-specific words – cloud, security, monitoring – and you get … what exactly? Let’s find out!
This quarter my research focuses on cloud security monitoring and cloud logging. I will try to define the subject(s) and then provide analysis and recommendations for architecting security monitoring of public cloud assets deployed in IaaS, PaaS and even SaaS environments (the word “luck” will likely be used in that last section a lot).
Here’s where I want to take the discussion: if you have IT assets deployed on a public cloud provider network today, and you want to monitor them by using log data, where would you rather send that log data? Your broad choices are (unless you have an MSSP contract, which will change the situation a bit):
- Back to your SIEM tool deployed in your environment (if any): your cloud logs -> your environment
- To a dedicated SaaS log management tool: your cloud logs -> another cloud environment.
When I asked a few people whether they would conceptually lean towards Choice 1 or Choice 2, they picked Choice 3.
Huh? Choice 3 is “we are still trying to figure it out, for now we don’t monitor those assets.” A few others mistook cloud for outsourcing and stated that “they trust their provider to deal with logs”… That’s life in the cloud circa 2012 for you.
Future posts will touch upon such exciting subjects as “what logs you can hope to get in different cloud scenarios?”, “how to compensate for not having logs?” and a few other cloud-specific monitoring challenges that you’ll face in the near future.