At Border0 we love hearing and learning from the feedback our customers provide. In today’s blog I’d love to talk about a feature that has come up various times: taking back control of your session recording data, with the ability to send your session recordings to your own S3 bucket. Because, let's face it, who likes feeling like they're not in the driver's seat when it comes to their data?
Data Ownership and Control
Using the newly introduced "session storage" feature, Border0 administrators can now configure where session recording data should be stored. At the time of writing, we support two options: the default, Border0 Managed S3 bucket, or your own S3 bucket. We're evaluating more storage options, so let us know your preference!
By storing your session recording data in your own S3 bucket, we ensure that you, the customer, have the final say over your data. This level of autonomy keeps you in the driver's seat and facilitates a tailored approach to dealing with your sensitive data.
Prioritizing Privacy and Compliance
By default your session logs are stored in a Border0 controlled S3 bucket. Security is our top priority, and while we’re SOC2 compliant, do periodic penetration tests, and follow best practices when it comes to data security, there are reasons why you may want to use your own S3 buckets.
Whether it’s GDPR, or any other regulatory framework, having direct control over your session recordings simplifies adherence to legal requirements. Moreover, the flexibility in data retention offered by this feature means that your organization can decide the lifespan of its logs, aligning with both operational needs and compliance mandates.
Finally, you are in complete control of who can access your data. You set the rules!
Straightforward Integration with AWS S3
In everything we do, we try to keep things as simple, and secure as possible! And the bring your own S3 bucket feature is no exception. This feature uses a cross-account AWS IAM role and thus requires no credentials to be provided to Border0, yay!
To demonstrate how easy it is to use this new feature, we've prepared a quick video demo that showcases the process of linking your Border0 account with the AWS account you use for S3. It will take just one minute to set this up.
We recommended using the provided CloudFormation template, as it makes the integration process straightforward and quick.
But even doing it manually is easy. All that's required is the name of your S3 bucket and the IAM role ARN (Amazon Resource Number), which allows Border0 to securely upload and optionally read session recordings to and from your S3 bucket. This not only puts you in complete control of your data but also ensures that the process is straightforward and secure. Note, that for session replays from the Border0 portal to work, we need read permission as well.
For a more detailed walkthrough, our documentation and video resources are available to guide you every step of the way.
Comprehensive Visibility and Security
Border0's session recording capabilities go beyond traditional network flow monitoring, offering deep insights into the details of each session. With Border0, administrators gain a clear view of who connected to which server, when, from where, and for how long. But we don't stop there—our session recording and replay features enable you to replay these sessions like a video, allowing you to also see exactly what happened during these sessions! Giving you insights into what commands were used during an SSH session, or what database queries were executed.
This feature is pivotal for strong security and ensuring regulatory compliance. The detailed logs facilitate rapid response to incidents, enable proactive security oversight, and support compliance with stringent standards such as GDPR and HIPAA. By delivering precise, verifiable session records, Border0 streamlines the compliance process, becoming an essential asset for organizations dedicated to maintaining a secure and compliant enviroment.
Conclusion
Comprehensive visibility into your infrastructure is essential to staying secure and productive, and we're excited to share this next step to make it easier than ever to keep control over your session recordings.
We invite you to explore this feature and experience firsthand how easy it is to set this up. As always, the Border0 team stands ready to assist you in navigating this new capability and ensuring Access management for your infrastructure is seamless and secure.
Not a Border0 customer yet? If you’re interested in taking Border0 for a spin, you can request a personalized demo from our team or try it out yourself for free here!