Question

A managed service provider is designing a log aggregation service for customers who no longer want to manage an internal SIEM infrastructure. The provider expects that customers will send all types of logs to them, and that log files could contain very sensitive entries. Customers have indicated they want on-premises and cloud-based infrastructure logs to be stored in this new service. An engineer, who is designing the new service, is deciding how to segment customers.

Which of the following is the BEST statement for the engineer to take into consideration?

A. Single-tenancy is often more expensive and has less efficient resource utilization. Multitenancy may increase the risk of cross-customer exposure in the event of service vulnerabilities.

B. The managed service provider should outsource security of the platform to an existing cloud company. This will allow the new log service to be launched faster and with well-tested security controls.

C. Due to the likelihood of large log volumes, the service provider should use a multitenancy model for the data storage tier, enable data deduplication for storage cost efficiencies, and encrypt data at rest.

D. The most secure design approach would be to give customers on-premises appliances, install agents on endpoints, and then remotely manage the service via a VPN.

Answer 1

The best statement for the log aggregation service design is to recognize that single-tenancy ensures better security at a higher cost, while multitenancy is cost-effective but increases risk without robust isolation.

Step-by-step explanation:

Considerations for Log Aggregation Service Design

When designing a log aggregation service, especially one that handles sensitive entries from both on-premises and cloud-based infrastructure, it is crucial to consider the security and isolation aspects of the service. Taking the engineer's decision into consideration, the best statement to reflect on is that:

• Single-tenancy is often more expensive and has less efficient resource utilization. Multitenancy may increase the risk of cross-customer exposure in the event of service vulnerabilities.

This statement acknowledges both the economic and security implications of the architecture choice. While multitenancy can indeed be more cost-efficient due to shared resources, it also has higher risks if not implemented with robust isolation mechanisms. Conversely, a single-tenant architecture is typically more secure since each customer's data is kept separate, but this comes at a higher cost and potential underutilization of resources. Therefore, a balanced approach that ensures secure multitenancy with data isolation and strong access controls could be optimal.

It is also significant for the service to implement strong security measures such as encryption at rest and during transit, along with regular security audits and monitoring to mitigate risks. Considering multitenancy, measures to prevent data leakage between tenants are essential, possibly supplemented by using virtual private clouds (VPC) for additional isolation.