Security is a shared responsibility in the cloud. Here’s how to keep your SaaS platform secure with forensic analysis and an audit trail.
Do you ever stop and wonder if your company’s data is secure? Or if you have the right protocols in place to monitor the activity of users across all of your applications? If these things keep you up at night, you’re not alone! With rapid technology advancement across the globe, data breaches have become a top concern for both enterprises and consumers. A breach today can impact millions of consumers, and millions of individual records, from one single attack.
In 2018 the United States saw 1,244 data breaches and had 446.5 million exposed records. Even more shocking, research by IBM Security reports that the cost of lost business after a breach for U.S. organizations is $4.2 million. There’s never been a better time to protect yourself and your customers! That’s why you can keep your software as a service (SaaS) platform secure with forensic analysis and an audit trail.
Security is a shared responsibility
Security is a shared responsibility in the cloud. While your SaaS provider brings the tools and innovation, it’s your company’s responsibility to implement controls and best practices. For example, Salesforce provides its customers with secure mechanisms for authentication and authorization, while the customer must securely store access tokens. With an audit trail, your SaaS provider can generate platform event logs. However, you are responsible for reading and analyzing the data.
Reasons to use an audit trail
So how can you obtain important audit data, such as who did what, and when, in your platform? Enter the audit trail, which is used to validate and monitor activity taking place in your SaaS platform. While there are probably 4.2 million reasons WHY an audit trail can help, let’s focus on three main use cases:
1. Keep track of change
Challenge: A marketing admin needs to keep track of key changes to her company’s account.
Solution: An audit trail provides information like who did what, and when while logged into your SaaS platform. Some examples include user authentication, changes to users, or changes to security settings. This audit data is crucial to diagnose potential or real security issues, and it’s also a great aid for compliance.
2. Monitor and report for compliance
Challenge: A security admin or governance risk manager is responsible for her company’s security policy around forensic analysis, and also security incident monitoring and reporting.
Solution: An audit trail allows security administrators to view platform access and activity records. Typically the data is provided through automated data extracts or a REST API. Having this data readily available means removing your SaaS provider as a bottleneck in scenarios where you might need to perform basic forensic analysis.
3. Gain a holistic view
Challenge: A CIO or CSO must have a holistic view of key events in their applications. They own the internal/external audit requirements for the business and must ensure a smooth process is in place.
Solution: Audit trail data is used for forensic analysis to keep track of activity in a SaaS platform. Keep in mind that an audit trail, like the kind available in Marketing Cloud, is not an anomaly detection tool. It provides raw audit data without predicting anomalies or alerting customers on certain events. It is up to customers to extract and interpret this data or integrate it with their own anomaly detection tool.
How to get started today
To enable Audit Trail in your Marketing Cloud instance, simply navigate to Setup —> Security —> Security Settings —> Enable Audit Logging Data Collections. If you’re interested in learning more about Audit Trail Premium, please contact a Marketing Cloud Account Executive.
You can also learn more by out this on-demand webinar where security expert Miku Konsolas and I explain how to leverage the Marketing Cloud Audit Trail to diagnose potential or real security concerns.