iconik Shield
iconik Shield is an add-on service to iconik that once enabled can provide an additional level of security to those customers that need. Pricing for this can be found on the iconik pricing page in the calculator in the "Advanced" options.
There are two features that iconik Shield covers when enabled:
- IP Allow List
- User Audit Log streaming
iconik Shield can be turned on/off and administered through the iconik Admin interface
IP Allowlist
When the the IP Allowlist is enabled, it will only allow users to access iconik from a list of IP addresses or CIDR-prefixes. The filtering can be applied either for an individual user, user groups, or globally for your iconik account. This allows for the following scenarios:
- Limit which IP addresses users can access iconik from.
- Restrict users in a group so that they can only access from within a certain network.
- Restrict your iconik account to only certain IP addresses such as your company firewall or gateway.
- Restrict individual users to only access through your company network to lock down high-privileged accounts.
The Allowlist works both with the GUI frontend, and for access using the API.
To administrate the IP Allowlist, use the iconik Admin interface.
User Audit Log Streaming
Log streaming allows you to consume iconik's audit log as a stream via a cloud-based message bus so that you can forward it on to your own security information and event management (SIEM) system.
You can setup multiple recipients and we currently support the following message buses:
- Amazon AWS SQS
- Google Cloud Pub/Sub
The user audit log streaming provides the following benefits:
- Logs are fed in near real-time so you can react to threats in a timely manner
- Admins can monitor and review a log of all user actions within their iconik system
- The added ability to stream and backup the audit log into your own infrastructure
iconik Shield is administrated through the iconik Admin interface