%20Logos%202022/sharetru-white-logo.svg){kind=logo}
Why Sharetru?
Platform
The paucity of security visibility that most providers offer their customers is itself getting plenty of visibility. Obviously, when using a public cloud service, companies must balance the competing factors of control, visibility and cost. This can be a significant issue—reduced visibility results in diminished situational awareness and a questionable understanding of risk. When planning a move to the cloud, an organization needs to recognize this lack of visibility and determine how to best leverage what insight they can get their hands on. Really, this means designing mitigating controls.
At the infrastructure and platform levels, this is straightforward: Log more information in your applications and set systems up to generate alerts when signs of compromise or malicious use are spotted (for example, when files are modified, records are changed more frequently than usual, or resource usage is abnormally high). For software as a service (SaaS), though, these precautions will require more thought.
SaaS providers are beginning to distinguish themselves via security features. Organizations vetting SaaS providers should consider how they will handle risk awareness—does the provider offer usage data that is granular enough to recognize changes in usage? (Monthly billing doesn't really cut it, unless the risk scenario is a malefactor who only attacks on the 29th of the month.)
If a malicious user attempts to access data stored in the cloud, how will the company learn of this? If sensitive data is modified or destroyed, is there a way for you to be notified quickly? Frequently, providers will offer a wider variety of information via an API than they do in their dashboard. While this does require that you get code written that can leverage the API, modern APIs are usually easy to work with, and the information you gain as a result will be valuable to risk-sensitive organizations.
It would be great to have a standardized API for gathering security information from a provider, but as far as I know, no one is developing one right now.
