In this presentation, we will demonstrate some practical aspects of the technology design, and tell you the story of how we implemented collection, storing, and processing logs from cloud service providers such as Salesforce and Workday. Special attention will be given to real-time alerts which are implemented in order to notify cloud system administrators about potential security vulnerabilities or unauthorized access to sensitive data so that we can take action to prevent breaches and mitigate risks.

Log management and analysis is a vital part of an organization's system administration and security. Log entries contain information that refer to different operational and security events, and are used for a variety of purposes, such as recording user activities, tracking authentication attempts, and identifying security vulnerabilities.

In alignment with UBC IT's strategic goal of improving information privacy and security awareness and protection, we have started collecting and analyzing logs for operational and security purposes. UBC IT has been using Log Aggregation system since 2014 to gather logs from our on-premise applications. We have now been moving some of our key systems to the cloud and because of this, it is becoming increasingly important to aggregate not only logs from our on-premise systems, but also to include logs from cloud service providers.

Speakers

Sharon Rashtian
Senior Manager, Enterprise Systems Support | University of British Columbia

Sharon Rashtian is currently holding the position of Senior Manager, Enterprise Systems Support at UBC department of Information Technology. Sharon currently leads Academic Systems, Research Information Systems, and Salesforce Platform as part of her portfolio. She has led many IT projects, and initiatives to improve stability and availability of UBC’s Enterprise Systems.

Armenak Grigoryan
Applications Architect | University of British Columbia

Armenak Grigoryan is from Vancouver, Canada where he works as an Application Architect at UBC. He has 25+ years of experience with Software Development and Software Architecture with a focus on data processing. In his spare time, Armenak enjoys developing open source tools and learning new technologies.

Session Recording