A request to cloud providers: Give us the logs.If you are a cloud provider or you offer anything online as a service, please let me see and access the internal logs (activity) for my account.
How useful would it be if I could go to my Gmail account and track any logins, logouts, failed logins or other important activity that happened to my account? Or if I went to Amazon and could extract the logs and see something like that:
2011-05-22 11:42:11 [MYIP] Authentication success (user logged in): firstname.lastname@example.org.
2011-05-20 10:37:21 [MYIP] Purchase book: [BOOK] - Shipped to: [ADDRESS]
2011-05-20 10:34:53 [MYIP] Authentication success (user logged in): email@example.com.
2011-05-20 10:34:42 [MYIP] Authentication failed: firstname.lastname@example.org.
2011-05-19 22:44:09 [MYIP] Authentication success (user logged in): email@example.com.
This is not hard to do. We even on our site, we offer that option. Every user can access their own logs and it just took a couple of hours to get that done.
This is specially important for enterprise (non personal) solutions in the cloud, like web hosting, backups, security, etc. Yes, including Google apps for your domain, Salesforce, Amazon, Basecamp and others. I would love to extract those logs and add to my OSSEC servers and combine with our log management tools. Just because you are in the "cloud" doesn't mean that we don't need audit trails and other controls that are part of any security program.
Can you guys do that for me? Please? Google? Amazon? Startups? Who else?