Log management best practices: auditing production systems

Log Management Best Practices

Why would I need to audit my production systems? First reason: Legal Requirements. Some regulated environments require that access and actions on a database be tracked. The image below is a capture of version 3.2.1 of the PCI DSS standard: For health data, the Nationwide Privacy and Security Framework for Electronic Exchange of Individually Identifiable Health Information is a bit less prescriptive, but the obligation results in a good auditing system being in place: “Persons and entities

Read more

How To Make Network Segmentation More Secure And Less Difficult For Everyone

Why Network Segmentation Is Hard: Very few things frustrate me more than administrative roadblocks that slow me down or make it more difficult to do work. I want to get from staging to production with as little interference as possible. The question every engineering team faces is how to allow that without compromising security. That’s the challenge of network segmentation. The goal is a segmentation strategy that creates enough segmentation

Read more

PostgreSQL logging best practices

There are several reasons why you might want an audit trail of users’ activity on a PostgreSQL database: when things go wrong you need to know what happened and who is responsible; you store sensitive data, maybe even PII or PHI; you are subject to compliance standards like SOC 2 or PCI DSS. Both application and human access are in-scope. Since application activity can be logged directly within the app, I’ll focus

Read more

Identity Federation on AWS and Azure Instances

Why? That’s a good question to start with: what’s the goal? Here we’re talking about managing access to instances on AWS and Azure in a unified way, and there are a bunch of possibilities, including (not exhaustive): local users from a CSV list with a script; local users using a configuration management tool; using a central directory (NIS, AD, LDAP); using strongDM. While the first two options are legit for

Read more