SEC09-04 Security Situation Awareness

All access to network resources and critical data must be monitored. Implementing comprehensive activity logging mechanism and user behavior tracking can significantly reduce the threat of malicious activities to data. When an error or security event is reported for a system, you can trace, alert, and analyze the error or security event and quickly locate the cause of the threat.

• Risk level

  Medium

• Key strategies
  • Aggregate alerts/events from multiple security services to enable data association, retrieval, sorting, and comprehensive security operations assessment.
  • Generate periodic security status reports to summarize the security situation, including issues identified and actions and improvement measures taken.
  • Ensure that all security measures comply with applicable laws and regulations and industry standards, such as DJCP, GDPR, HIPAA, and PCI DSS.
  • Provide regular security training for employees to improve their awareness and understanding of cloud security.
• Related cloud services and tools
  • SecMaster
  • Cloud Eye: You can use Cloud Eye to receive alarm notifications of security events. Cloud Eye provides alarm notifications based on monitored metrics. If a monitored metric of a cloud service reaches the threshold specified in an alarm rule, Cloud Eye notifies you by email or text message, so that you can learn cloud service statuses in a timely manner. Cloud Eye can also send HTTP/HTTPS messages to an IP address of your choice, helping you build smart alarm handling programs.