You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Enable logging for the cloud environment and for cloud-based workloads.
Applicable Service Models
IaaS, PaaS, SaaS
Mandatory Requirements
Activity
Validation
Implement adequate level of logging and reporting, including a security audit log function in all information systems.
Confirm policy for event logging is implemented.
Confirm that the following logs are included:
Sign-in logs (interactive and non-interactive sign-ins, API sign-ins)
Access privilege and group changes (including group membership and group privilege assignment)
Changes in configuration of the cloud platform
Cloud resource provisioning activities.
Configure events within the solution to support security monitoring, in accordance with the GC Event Logging Guidance.
Confirm whether monitoring and auditing is implemented for all users.
Ensure that the appropriate contact information is configured so that the cloud service provider can notify the GC organization of incidents they detect.
Confirm that the security contact record within the account should be completed with the details of at least two appropriate information security personnel (if multiple personnel are permitted by the cloud platform).
Configure an appropriate time zone for the audit records generated by your solution components.
Confirm that the appropriate time zone has been set.
Ensure that resources are assigned to monitor cloud-based events
Demonstrate that the monitoring use cases for the cloud platform have been implemented and have been integrated with the overall security monitoring activities being performed by the department (evidence could include monitoring a checklist or a system generated report).