In today’s increasingly complex digital landscape, no organization operates in a vacuum—security is a shared responsibility. When it comes to audit record review, analysis, and reporting in FutureFeed, both FutureFeed and its customers play distinct but complementary roles in safeguarding data and ensuring the integrity of operations. Understanding this partnership is key to effectively detecting and responding to unauthorized or unusual activity, ultimately creating a more secure environment for everyone involved.
FutureFeed’s Responsibility: Ensuring Foundational Audit Capabilities
FutureFeed takes the lead in auditing relevant user activities and logging critical events and content necessary for monitoring, analyzing, investigating, and reporting potential incidents. These event logs—detailed in the FutureFeed Front-End Application Security Guide (FASG) —are designed to provide a reliable foundation for incident detection and response. To support transparency, FutureFeed offers customers built-in access to key activity data, such as:
- Live document revision history
- User last login information
- Implementation summary narrative history
Additionally, FutureFeed monitors audit logs for general suspicious and unusual activity across the platform. However, it’s important to note that FutureFeed’s visibility is limited to application-level events; it does not have insight into customer-defined roles, responsibilities, and internal policies. As a result, certain actions—such as a user deliberately deleting or altering data—may appear normal from FutureFeed’s perspective but could represent malicious intent within the customer’s environment and can only be detected by the customer.
This limitation means FutureFeed relies on customer-initiated reports of suspicious activity. Upon receiving such a report, FutureFeed can generate detailed audit logs and assist in investigations by analyzing specific events within the application. This collaboration ensures that customers have the support they need while FutureFeed focuses on maintaining robust auditing capabilities.
Customer’s Responsibility: Monitoring and Correlating Audit Information
Customers are encouraged to and are responsible for monitoring user activity within their subscription environment based on their own internal policies, regulatory obligations, and risk management practices. This may include activities like reviewing the audit data available within FutureFeed to detect suspicious or unauthorized actions that may violate internal policies or indicate malicious behavior.
Additionally, customers should educate their users on proper account usage, emphasizing the importance of using only their assigned accounts and not sharing login credentials. This practice helps maintain individual accountability, ensures accurate audit trails, and strengthens the effectiveness of incident investigations.
If customers identify or suspect malicious user activity, they should promptly contact FutureFeed support to request assistance with investigating, analyzing, and reporting. While FutureFeed can provide valuable insights and generate additional logs for review, the customer is ultimately responsible for correlating the provided FutureFeed audit logs with their internal audit records to gain a complete, “big picture” view of the incident.
Given that FutureFeed cannot currently forward audit logs to a customer’s SIEM, customers should treat FutureFeed as a separate central audit log repository. As part of their incident response process, customers may choose to integrate FutureFeed audit data with logs from other systems to support comprehensive investigations and reporting.
Summary of Shared Responsibility: Building a Collaborative Security Approach
Effective incident detection and response in FutureFeed relies on a collaborative approach, with each party fulfilling specific responsibilities:
-
FutureFeed ensures that:
- Audit logging is properly implemented.
- General suspicious activity is monitored.
- Assistance is provided during investigations by generating and analyzing detailed logs.
-
Customers are responsible for:
- Educating their users on proper account use to maintain accountability.
- Monitoring user activity within their subscription environment.
- Identifying potentially unauthorized or suspicious actions based on their internal understanding of user roles and responsibilities.
- Contact FutureFeed when suspicious or unauthorized user activity is suspected/detected.
- Correlating FutureFeed audit logs with their own audit data to build a holistic view of an incident.
- Requesting additional audit log information or reports as needed.
Together, this shared responsibility model ensures that audit record review, analysis, and reporting processes are aligned for effective investigation and timely response to indications of unlawful, unauthorized, suspicious, or unusual activity. By working hand-in-hand, FutureFeed and its customers can build a more resilient and secure compliance environment.
Comments
0 comments
Please sign in to leave a comment.