Sumo Logic Assurance Programs
See Who’s Running Securely on the Sumo Logic Cloud Platform
Download free analyst reports, white papers, data sheets and videos to learn how Sumo Logic Cloud Platform maintains security and compliance in the cloud
A journey down the path of enlightenment and leveraging the power of automation.
The Sumo Logic security model is an end-to-end process, focused on keeping customers’ information safe.
Assessing the Risk: Can the Cloud Be More Secure Than Your On-Premise Environments?
Sumo Logic currently holds the following attestations/certifications:
- PCI DSS 3.2 Service Provider Level 1
- SOC 2 Type II
- ISO 27001
- CSA Star
- US-EU Privacy Shield
- TRUSTe Certified Privacy
While many other SaaS providers rely on AWS certifications, Sumo Logic implemented its own security controls, completed audits with an independent third-party audit firm, BrightLine CPA, and obtained attestations/certifications for its log management service.
Only customers have access to their data, unless they grant Sumo Logic’s Customer Success team access to it. Even then, authorized Sumo Logic employees will access a customer’s data only in response to a specific support request. All access to customer data is logged and auditable. Moreover, Sumo Logic has read-only access to customer data.
Data ingested by Sumo Logic is split into two streams, an Index stream and a Raw stream. Each of these streams is encrypted using customer-specific encryption keys that are rotated every 24 hours. In addition to this key-based encryption, the disks themselves are encrypted. When data expires per the retention period, the indexes and customer-specific keys are deleted. This accomplishes two things:
- The indexes cannot be located and thus recovered
- The raw data cannot be decrypted
This unrecoverable data will remain on additionally encrypted disks until Sumo Logic runs a periodic disk cleanup, which is done using a DoD 5220.22-M scrub.
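The effect of deleting per-customer, per-day keys at retention expiry can be shown with a short sketch. This is an added example, not Sumo Logic's code: `KeyStore`, `seal`, `unseal` and the HMAC-based stand-in cipher are assumptions made for illustration, and a real system would use a vetted AEAD and a managed key service.

```python
import hashlib, hmac, secrets
from datetime import timedelta

class KeyStore:
    """Hypothetical store: one random key per (customer, day), i.e. 24-hour rotation."""
    def __init__(self):
        self._keys = {}

    def key_for(self, customer, day, create=False):
        if create:
            self._keys.setdefault((customer, day), secrets.token_bytes(32))
        return self._keys.get((customer, day))  # None once the key is deleted

    def expire(self, customer, today, retention_days):
        """Delete this customer's keys older than the retention period."""
        cutoff = today - timedelta(days=retention_days)
        old = [k for k in self._keys if k[0] == customer and k[1] < cutoff]
        for k in old:
            del self._keys[k]
        return len(old)

def _sub(key, label):
    # Derive separate encryption and MAC subkeys from the daily key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), for illustration only.
    blocks = (len(data) + 31) // 32
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
                  for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(store, customer, day, plaintext):
    """Encrypt and authenticate a record under the customer's key for that day."""
    key = store.key_for(customer, day, create=True)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(store, customer, day, blob):
    """Decrypt a record; fails permanently once the day's key has been deleted."""
    key = store.key_for(customer, day)
    if key is None:
        raise KeyError("key deleted: record cannot be decrypted")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("authentication failed")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)
```

Because keys are scoped to one customer and one day, expiring a key removes access to exactly that day's records for that customer and leaves newer data and other tenants unaffected.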
If the customer wants to pull out any of their unexpired data in the event they choose to cancel their Sumo contract, the data can be pulled down from the API, exported to CSV or placed in an S3 bucket owned by the customer. This must be done before the contract/subscription expires or is cancelled.
We use Sumo Logic for logging and alerting on security events. All security events are addressed in accordance with our incident response policy:
- Critical Issues: Remediation efforts will begin immediately
- High Severity Issues: Remediation efforts will begin within 5 days
- Medium Severity Issues: Remediation efforts will begin within 60 days
- Low Severity Issues: Remediation efforts begin in accordance with their business and customer impact
To report any disruptions or suspected security incidents affecting the Sumo Logic platform or service, please contact us at Securityemail@example.com.