Sponsored by Sumo Logic
More and more organizations are moving their data and workloads to the cloud. And with that shift, security is rising to the top of business concerns. Why? The complexities of cloud environments, which often are hybrid or multi-cloud, make security more challenging, and cyberattacks are on the rise.
A lack of visibility into such environments makes detecting and responding to security incidents difficult. Making matters worse, hybrid and multi-cloud environments present a large attack surface.
Even if an organization institutes best practices, modern business operations built on cloud-native applications often depend on third-party apps, data, and connections. The market has seen multiple major breaches over the last few years initiated by exploiting a supply chain partner.
Regulations and auditing demands on the rise
These issues are happening at a time when data privacy and data protection regulations are evolving, the associated penalties are stiffer, and security compliance audit requirements and demands are growing. A common audit most organizations go through is a SOC 2 audit. SOC (Systems and Organization Controls) 2 is a technical audit performed by an American Institute of Certified Public Accountants (AICPA) auditor or firm that ensures service providers securely manage an organization’s data to protect the interests of the organization and the privacy of its clients.
Depending on the nature of the business, other compliance regulations might come into play. Any business offering employee health insurance (or health services) must comply with HIPAA regulations. Online merchants, retailers, hotels, restaurants, entertainment venues, and more that take credit cards must deal with Payment Card Industry Data Security Standard (PCI DSS) regulations. And any organization or cloud provider doing business with the Federal government must gain FedRAMP certification.
These are in addition to the bevy of regional data privacy regulations, including the EU's General Data Protection Regulation (GDPR) and California's California Consumer Privacy Act (CCPA).
So, how should organizations deal with today’s complex cloud security and compliance issues? In a recent talk on platform compliance and security, George Gerchow, Sumo Logic’s Chief Security Officer, noted that any approach to security and audit readiness must be forward-thinking because regulations are always changing.
For example, he noted three regulatory changes are coming that organizations must be ready for. They include:
- New SEC guidelines around cybersecurity will force public-facing companies to report material incidents within four days.
- PCI is moving from 3.2 to 4.0 in the next few years. PCI DSS v4.0 focuses on six areas (security, customized implementation, authentication, encryption, monitoring, and critical control testing frequency methods).
- FedRAMP is moving from 800-53 Rev 4 to Rev 5 with significant control and privacy changes.
Tools to help audit and compliance and the role of data analytics
The wide-scale use of microservices, cloud instances, multi-cloud deployments, API-based applications, and more creates many inter-dependencies, any one of which can impact security.
Because of the interplay of the various elements in a hybrid or multi-cloud environment, different functional teams contribute to security and compliance assurance. Everyone from infrastructure teams to SREs, DevOps, SecOps, and more plays a role.
When teams use standard tools and techniques to monitor an organization’s hybrid and multi-cloud environment, they easily become overwhelmed with alerts, logs, and traces from disparate systems. This data should help spot security problems in the making, but it often just adds to the noise.
That is driving the need for new thinking and new approaches. What’s needed is a solution that aggregates and analyzes the vast amount of information pouring in, generates actionable security awareness insights, and does so in a time frame that lets teams act on those insights before harm occurs.
To that end, Sumo Logic helps organizations modernize their security operations via Cloud Security Analytics, a solution for every team with a stake in the cloud environment. Specifically, Sumo Logic’s cloud-native platform makes collecting, storing, and searching security information and cloud data easy and cost-effective in one central, secure location.
Cloud Security Analytics can support an organization’s audit and compliance efforts. For example, an organization can streamline its compliance processes with the solution’s data monitoring and the security and configuration analyses required for rapid, continuous compliance readiness for security frameworks like HIPAA, NIST, CMMC, or ISO 27001.
The solution’s out-of-the-box integration apps include pre-built searches and granular dashboards to demonstrate continuous compliance and shorten audit cycles across cloud and on-premises environments. That reduces the manual effort typically spent on time-intensive security audits.
The Sumo Logic PCI Application is a specific example of how Sumo Logic can help with auditing and compliance. It offers ready-made dashboards that monitor every aspect of PCI compliance. And it allows organizations to do targeted searches into any aspect. Additionally, the solution produces ad-hoc reports with automated visualization capabilities that make it easier for organizations to understand their PCI compliance standing and spot potential problems in the making.
Doing double duty: Enhanced security and assured compliance
The complexity of modern hybrid and multi-cloud environments makes data security and compliance auditing difficult using traditional monitoring and point security solutions. Sumo Logic offers a single cloud-native SaaS platform to address the similar needs that different teams, such as SecOps and DevOps, have in these areas.
Key security attributes that help include cloud-scale collection, storage, security analytics, and threat detection. Sumo Logic’s advanced algorithms enable and enhance these functions to deliver insights quickly and efficiently into ongoing security threats.
Salvatore Salamone is a physicist by training who has been writing about science and information technology for more than 30 years. During that time, he has been a senior or executive editor at many industry-leading publications including High Technology, Network World, Byte Magazine, Data Communications, LAN Times, InternetWeek, Bio-IT World, and Lightwave, The Journal of Fiber Optics. He also is the author of three business technology books.