DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
  1. DZone
  2. Popular
  3. Open Source
  4. Security Monitoring for Enterprises: Top 7 Considerations

Security Monitoring for Enterprises: Top 7 Considerations

Want to learn more about security monitoring for enterprises? Check out this article on the top seven considerations for your enterprise.

Sean Porter user avatar by
Sean Porter
·
Oct. 04, 18 · Presentation
Like (3)
Save
Tweet
Share
2.96K Views

Join the DZone community and get the full member experience.

Join For Free

Any organization that deals with customer data understands the importance of protecting their data. You need to inspire trust in your customers. In order to hand that data over in the first place, they need to rely on you as a trusted brand who protects their sensitive information. Brands who breach customer trust have a lot to lose besides their reputation: according to the World Economic Forum, there’s a potential $10 trillion in global growth from digital consumers over the next ten years. In order to unlock this potential, companies have to inspire trust and create secure experiences for their customers. According to a CA Technologies study, 48 percent of consumers stopped using a service after a reported data breach, and 50 percent of executives at companies with public data breaches have felt the long-term business impacts of that breach.

There are many tools and technologies available to help ensure a secure experience for your users. This post will focus on (an albeit important) one: security monitoring. As Sensu’s CTO, I’m clearly not unbiased, but my recommendations here come from over a decade of experience in the industry — what I’ve seen in terms of effective (and ineffective) security monitoring.

Security Monitoring: What to Look For

When evaluating any solution for its security, you’ll certainly do your due diligence and research. Here are some additional considerations to be aware of:

  1. Find a solution that supports and uses standard cryptography. Make sure the company you’re evaluating is doing the latest and greatest in terms of transport layer security (TLS), including staying up to date with industry best practices around implementation and management.
  2. Look for architecture that allows you to deploy in a way where you don’t have to compromise your security designs or overall security practices. Said another way: you should seek out monitoring tools that traverse your network gateways and routers, so operators don’t have to compromise security by punching holes for monitoring.
  3. Seek a solution that fits your existing deployment workflows. If you have an extremely locked down (or hand-rolled) configuration management process, find a solution that’s designed to fit within that process — that doesn’t force a separate workflow onto your team.
  4. Look for a monitoring tool and execution platform that empowers you to lock it down, if need be. For Sensu 1.0, that takes the form of Safe Mode, which provides an extra layer of security by ensuring that subscription checks aren’t able to be executed on a client without the client having the check definition on disk. For Sensu 2.0 (now in Beta!), we’re working on an allow list that dictates which centrally configured checks can execute. Because it’s configured on the agent itself, you can say ahead of time: “Hey agent, you’re only allowed to execute these exact commands.” This gives users the opportunity to choose which checks you configure centrally and disable them without having to do anything on the client. (You can read more about this feature and follow its progress on GitHub.)
  5. Opt for open source technology. The benefits to open source from a security standpoint are multitudinousness: the entire codebase is available for your compliance team to examine and audit; it’s often backed by robust, active communities that are constantly improving the software; and it’s increasingly becoming the standard for enterprise infrastructures (as opposed to the exception). According to Google Cloud’s 2018 State of DevOps report, “58% of respondents agreed that their team made extensive use of open source components, libraries, and platforms, with over 50% agreeing that their team planned to expand the use of open source software.” And, major financial institutions are already on board: Capital One, for example, is a self-described open-source first organization — “actively using, contributing to, and managing open source software projects.”
  6. Choose on-premise, or “monitoring behind the firewall,” as opposed to a SaaS solution. SaaS-based monitoring providers send your data to a third-party beyond your control, making it difficult for you to enforce your own security policies. Monitoring behind the firewall gives you ultimate control to enforce your security policies and take every precaution to ensure that customer data is secure.
  7. Consider ROI by finding an efficient yet flexible monitoring tool. There are solutions that do it all: taking all your data and sending it somewhere where it’s durable, auditable, and can generate reports on it. But that comes at a high storage cost. Because it’s so cost prohibitive, organizations cut corners by monitoring less, leaving intentional holes in their visibility and reporting capabilities that can lead to even costlier breaches and downtime. A monitoring event pipeline, like Sensu, can be tailored specifically for the task you need, and is efficient with the amount of data it produces and captures.

I hope this post offered some food for thought in terms of seeking out a security monitoring solution. In future posts, we’ll dive deeper into how to secure Sensu, as well as hear from the Sensu Community. Stay tuned!

security Open source

Published at DZone with permission of Sean Porter, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • The 12 Biggest Android App Development Trends in 2023
  • How Do the Docker Client and Docker Servers Work?
  • Kotlin Is More Fun Than Java And This Is a Big Deal
  • Using JSON Web Encryption (JWE)

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: