International Journal of Computer Science Trends and Technology (IJCST) – Volume 11 Issue 6, Nov-Dec 2023

RESEARCH ARTICLE OPEN ACCESS

Guardians of Trust: Navigating Data Security in AIOps through Vendor Partnerships
Subhadip Kumar
Western Governors University

ABSTRACT
Artificial Intelligence for IT Operations (AIOps) is a rapidly growing field that applies artificial intelligence and machine
learning to automate and optimize IT operations. AIOps vendors provide services that ingest end-to-end logs, traces, and
metrics to offer full stack observability of IT systems. However, these data sources may contain sensitive information such as
internal IP addresses, hostnames, HTTP headers, SQL statements, method/argument return values, URLs, personally identifiable
information (PII), or confidential business data. Therefore, data security is a crucial concern when working with AIOps vendors.
This article discusses the security features offered by different vendors and how best practices can be adopted to ensure
data protection and privacy.
Keywords: AIOps, Cyber Security, AI Security.

I. INTRODUCTION

AIOps, or Artificial Intelligence for IT Operations, is a new approach that leverages machine learning and automation to enhance the observability and reliability of complex software systems. Observability is the ability to monitor and understand the internal state of a system or application based on its external outputs, such as logs, metrics, and traces. Several vendors offer full stack observability, monitoring of security vulnerabilities, automation, actionable alerts, and insights. These vendors ingest customers’ logs, traces and metrics to produce actionable insights and recommendations that help SREs and developers achieve full stack observability and improve the quality and efficiency of their software delivery. Security is a big concern when these vendors ingest customer data such as logs, metrics and traces, because this data contains sensitive information such as IP addresses, client details, personal information, and even confidential business data. Also, when this data is in transit or at rest, vendors ensure that the data is protected from being exposed. Security is always a joint responsibility that requires the participation and contribution of all stakeholders to create a safe and secure environment for everyone. In this article, we will discuss different AIOps vendors and their security features. However, AIOps also poses some security challenges, such as data privacy, access control, and compliance. Therefore, it is important to choose an AIOps vendor that can provide robust and reliable security solutions. Different AIOps vendors have different standards and approaches to meet security standards. In this article, we will discuss those security measures in detail, and how a customer can leverage them and develop a best practice.

We will also discuss how the vendors ingest customer data, encryption in transit and at rest from the customer’s system to the vendor, in-product communications, and masking of sensitive information and PII. We will also discuss how to protect the data using RBAC (role-based access control) and masking to ensure minimum exposure in case of a data breach.

II. TYPE OF DATA COLLECTED

AIOps can help IT teams monitor, analyze, and troubleshoot complex systems, as well as improve service quality and customer satisfaction. However, AIOps also involves collecting and processing logs, metrics and traces, which contain a large amount of sensitive data, such as client IP addresses, HTTP headers, HTTP POST parameters, URL query parameters, SQL bind variables, SQL statements, personally identifiable information (PII), and more. This data can reveal a lot of information about the users, their behavior, their preferences, and their identity. If this data is not protected properly, it can lead to a serious data breach, which can have legal, financial, and reputational consequences for both the IT service provider and the users. Therefore, it is essential to implement appropriate security measures to protect the data at every stage of its lifecycle, from capture, to transit, to storage, to display.

III. DATA COLLECTION AGENT BY VENDOR AND AGENT SECURITY

A. DATA COLLECTION AGENT BY VENDOR

Most of the vendors deploy a single agent to collect data from remote sources and forward it to the vendor’s instance. Some examples include:
- Splunk has three types of forwarders (agents): universal forwarder, heavy forwarder, and light forwarder [1]. Of these, the universal forwarder is the most popular one. The universal forwarder handles all kinds of data, including Microsoft Windows event logs, webserver logs, change logs, archive files etc.

ISSN: 2347-8578 www.ijcstjournal.org Page 50


- Dynatrace uses OneAgent, a single agent per host that collects all relevant metrics along with 100% of your application-delivery chain.
- AppDynamics uses different agents by application type; Java, .NET, Python and SAP are a few of them. The agent collects data and forwards it to the controller host for further processing.
- The Datadog agent, which is deployed in the OS, is open source and is available on GitHub for users to consume. It collects events and metrics from hosts and sends them to DogStatsD, which is a metrics aggregator using the StatsD protocol. DogStatsD also accepts custom metrics and events and forwards them to Datadog.

B. AGENT SECURITY

Agent security is an important aspect of AIOps, as agents are used by various vendors to collect and transmit sensitive data over the network. In this section, we will explore the different dimensions of securing the agents.

Agent distribution: The customer should ensure that the agents’ repositories and binary packages are signed. They can validate the distribution channel by checking the signature against a public key.
Firewall rules: The customer should consult with the vendor to determine which inbound and outbound ports need to be opened for AIOps. The vendor documentation usually provides clear information on the ports that need to be open and the IP addresses that need to be whitelisted.
Information security and encryption: Data encryption in transit is another crucial aspect of agent security. The customer should verify that their agents use TLS-encrypted TCP connections and comply with the minimum TLS version required by their enterprise security team.
Agent runtime user: The customer should set the privilege and permission for the agent’s runtime user as low as possible and only allow it to perform the assigned task.

C. DATA STORAGE

AIOps vendors typically store customer data in secure and scalable storage environments, and the choice of storage solution may vary depending on several factors, including the vendor's infrastructure, specific use cases, and compliance requirements. Here are some common storage options that AIOps vendors may employ for storing customer data:

1) Cloud Storage Services:
Many AIOps vendors leverage cloud storage services provided by major cloud providers such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP). These services offer scalable, reliable, and secure storage solutions with built-in encryption and access control features.

2) Databases:
AIOps vendors often use databases to store structured customer data. Relational databases (e.g., MySQL, PostgreSQL) or NoSQL databases (e.g., MongoDB, Cassandra) can be employed based on the nature of the data and specific requirements. Databases provide efficient data retrieval and management capabilities. For example, Dynatrace uses Grail, a database designed specifically for observability and security data. Grail is based on Dynatrace Query Language (DQL), which allows users to access and process data from different sources, such as logs, metrics, traces, events, and more. Grail also connects all the data within a real-time model that reflects the topology and dependencies within a monitored environment. This enables Dynatrace to provide a holistic view, advanced analytics, and AI-powered answers for cloud optimization and troubleshooting.

3) Object Storage:
Object storage is suitable for storing unstructured data like documents, images, and log files. It offers scalable and cost-effective storage solutions, and popular object storage services include Amazon S3, Azure Blob Storage, and Google Cloud Storage. Datadog often supports multi-cloud environments. They may store customer data in cloud storage solutions like AWS S3, Google Cloud Storage, or Azure Blob Storage.

4) On-Premises Storage:
Some AIOps vendors may opt for on-premises storage solutions, especially in cases where regulatory or compliance requirements mandate keeping data within a specific physical location. On-premises storage allows vendors to have more control over their infrastructure and data.

5) Hybrid Storage Solutions:
A hybrid storage approach combines on-premises and cloud-based storage solutions. This provides flexibility and allows vendors to optimize their storage strategy based on the specific needs of their AIOps platform, balancing performance, scalability, and compliance.

6) Distributed File Systems:
AIOps vendors dealing with large-scale data processing may utilize distributed file systems such as Apache Hadoop Distributed File System (HDFS) or distributed storage systems like Ceph. These systems are designed to handle massive amounts of data across distributed clusters.

IV. DATA COLLECTION AGENT BY VENDOR AND AGENT SECURITY

A. PREVENT CAPTURING OF SENSITIVE DATA

Sensitive data exposure is a serious risk for AI tools, especially those that use generative models to create content based on user inputs. Generative models are a type of machine learning model that can learn from data and generate new data that resembles the original data. For example, generative
models can create realistic images, texts, or sounds based on user inputs. However, generative models can also inadvertently capture and expose sensitive data from the inputs, such as personal information, intellectual property, trade secrets, or confidential records. This can happen if the inputs contain such data, or if the models are trained on datasets that contain such data. If such data is leaked, stolen, or misused, it can cause reputational damage, legal liability, or competitive disadvantage for the data owners. Therefore, it is important to prevent capturing sensitive data right at the source before it is processed by the AI tool. One way to do this is to use data anonymization techniques, such as masking, hashing, encryption, or tokenization, to remove or replace any identifying information from the data. Masking is a technique that hides or obscures sensitive data with random characters or symbols. Hashing is a technique that transforms sensitive data into a fixed-length string of characters using a mathematical function. Encryption is a technique that converts sensitive data into an unreadable format using a secret key. Tokenization is a technique that replaces sensitive data with a unique identifier that maps to the original data in a secure database. These techniques can help preserve the utility and structure of the data without revealing any sensitive details. Another way to prevent capturing sensitive data at the source is to use data minimization techniques, such as filtering, sampling, or aggregation, to reduce the amount and granularity of the data. Filtering is a technique that removes or excludes data that is irrelevant, redundant, or sensitive from the inputs. Sampling is a technique that selects a subset of data that is representative of the whole population. Aggregation is a technique that combines or summarizes data into groups or categories. These techniques can help reduce the complexity and size of the data so that it does not contain any unnecessary or excessive information. By applying these techniques, data owners can protect their sensitive data from exposure and ensure the privacy and security of their data while using AI tools.

B. MASKING DATA AT CAPTURE

Masking is a data anonymization technique that hides or obscures sensitive data with random characters or symbols. For example, you can replace the characters of a value with a symbol such as “*” or “x”. Masking can help preserve the utility and structure of the data without revealing any sensitive details.

Masking works by applying a masking function to the sensitive data at the source, before it is processed by the AI tool. The masking function can be deterministic or random, depending on the level of security and consistency required. A deterministic masking function always produces the same output for the same input, while a random masking function produces different outputs for the same input. A deterministic masking function can ensure that the masked data is consistent across different datasets, while a random masking function can increase the difficulty of reverse engineering the original data.

Masking is useful for protecting sensitive data from unauthorized access or disclosure, while still allowing the data to be used for certain purposes, such as testing, training, or analysis. Masking can also reduce the risk of data breaches, as the masked data is less valuable or attractive to hackers or malicious insiders. Masking can also help comply with data privacy regulations, such as GDPR, that require data minimization and pseudonymization.

However, masking also has some challenges or limitations, such as:
- Masking can reduce the quality or accuracy of the data, as some information is lost or distorted during the masking process. This can affect the performance or reliability of the AI tool that uses the masked data.
- Masking can be vulnerable to re-identification attacks, especially if the masked data is combined with other data sources that can reveal the identity of the data subjects. For example, if the masked data contains a unique identifier, such as an email address, that can be linked to another dataset that contains the name of the data subject, the masked data can be re-identified.
- Masking can be difficult to implement or maintain, especially if the data is dynamic or complex. For example, if the data changes frequently or has multiple formats or types, the masking function may need to be updated or customized accordingly. This can increase the cost and complexity of the data anonymization process.

Therefore, it is important to follow some best practices for masking, such as:
- Designate a multi-tier access and authorization system for your most critical assets. Whenever it’s necessary for larger groups of people to access or use sensitive data, look for additional ways to protect that data, such as data encryption, anonymization, and/or masking.
- Choose the appropriate masking function and level for your data, depending on the level of security and consistency required. For example, you can use deterministic masking for data that needs to be consistent across different datasets, or random masking for data that needs to be more secure.
- Test and validate the masked data to ensure that it meets the quality and usability requirements for the AIOps tool. For example, you can use data quality metrics, such as completeness, correctness, and consistency, to measure the quality of the masked data. You can also use data usability metrics, such as utility, relevance, and timeliness, to measure the usability of the masked data.

C. MASKING AT INGEST

Another way to mask the sensitive data once it reaches the AIOps SaaS platform is to use masking at ingest. This approach allows masking sensitive data once it arrives in the SaaS environment, and before it is written to disk (stored). This way, the data can still be used for the intended purpose without revealing any sensitive details.

Masking at ingest works by applying a masking function to the sensitive data as soon as it is received by the AIOps SaaS platform. The masking function can be configured by the user, based on the type and level of sensitivity of the data. For
example, the user can choose to mask all or some of the fields in a log entry, such as IP address, username, or email address. The user can also choose the masking method, such as replacing, hashing, or encrypting the sensitive data. The masked data is then stored in the AIOps SaaS platform, while the original data is discarded or archived.

D. TLS/SSL ENCRYPTION WHILE DATA AT TRANSIT

One way to protect the data in transit is to use TLS/SSL encryption, which stands for Transport Layer Security/Secure Sockets Layer encryption. TLS/SSL encryption is a protocol that provides security and privacy for network communications. TLS/SSL encryption works by encrypting the data before transmission, authenticating the endpoints, and decrypting and verifying the data on arrival. Encryption means converting the data into an unreadable format using a secret key, which prevents anyone from accessing or modifying the data without the key. Authentication means verifying the identity and trustworthiness of the endpoints, which prevents anyone from impersonating or intercepting the communication. Decryption means converting the data back into a readable format using the same or a different key, which ensures that the data is intact and has not been tampered with.

TLS/SSL encryption can enhance the security and privacy of the data in transit by preventing unauthorized access, disclosure, or modification of the data. According to a study by Krawczyk et al. [3], TLS/SSL encryption can provide a strong security notion for network communications, called authenticated and confidential channel establishment (ACCE), which guarantees that the data is protected from both passive and active attacks, such as eavesdropping, tampering, replaying, or forging. TLS/SSL encryption can also help comply with data privacy regulations, such as GDPR, that require data protection and confidentiality. According to a report by ENISA [2], TLS/SSL encryption can help data controllers and processors meet the GDPR requirements for data security, such as ensuring the confidentiality, integrity, and availability of the data, as well as the resilience of the systems and services that process the data. TLS/SSL encryption can also improve the performance and reliability of the AIOps tools that use the data, as the encryption reduces the risk of data corruption, loss, or interference. According to a survey by IDC [4], TLS/SSL encryption can help AIOps tools achieve higher levels of availability, scalability, and efficiency, as the encryption enables faster and more secure data transmission, storage, and analysis.

E. ENCRYPTION AT REST

One of the best practices to protect the data collected by AIOps systems is to use encryption at rest. Encryption at rest is a technique that encrypts the data before storing it on a disk or a cloud service and decrypts it only when it is accessed by authorized users or applications. Encryption at rest ensures that even if the data storage is compromised, the data remains unreadable and unusable by the attackers. Encryption at rest can also help to comply with the privacy laws and regulations that apply to the sensitive data.

There are two main types of encryption keys that are used for encryption at rest: cloud-managed keys and customer-managed keys. Vendor-managed keys are the default option, where the AIOps vendor handles the encryption and decryption of the data using FIPS 140-2 compliant 256-bit AES encryption [19]. Customer-managed keys, also known as bring your own key (BYOK), offer more flexibility and control to the customers, who can create, rotate, disable, and revoke their own keys using Key Vault. Key Vault is a service that provides secure storage and management of encryption keys, secrets, and certificates. Customer-managed keys can also enable auditing and logging of the key usage and access.

F. ON-PREMISES DEPLOYMENT

One of the ways to protect your organization's sensitive data is to use on-premises deployment for the AIOps system. On-premises deployment is a method of hosting and managing the AIOps system on the organization’s own servers and infrastructure, rather than using a cloud service provider. On-premises deployment can offer more control and security over the data, as the organization can apply its own policies and standards for data access, encryption, backup, and recovery. On-premises deployment can also reduce the risk of data breaches or leaks due to external factors, such as network outages, cyberattacks, or legal issues. However, on-premises deployment also has some challenges, such as higher upfront and maintenance costs, lower scalability and flexibility, and more dependency on internal IT resources.

G. ROLE-BASED ACCESS CONTROL

One of the major challenges in AIOps systems is to protect the sensitive data that is collected, processed, and analyzed by the system from unauthorized access or disclosure. Sensitive data can include personal information of the users, business secrets of the organizations, or system configuration and performance data that can reveal vulnerabilities or weaknesses. A common technique to prevent sensitive data exposure is to implement role-based access control (RBAC) for the AIOps system. RBAC is a security model that assigns roles to the users of the system, and grants permissions to the roles based on the principle of least privilege. RBAC also defines policies that specify the conditions and constraints
under which the roles can access the data. By using RBAC, the AIOps system can ensure that only the authorized and authenticated users can access the data they need for their tasks, and that they cannot access or modify the data they do not need or are not allowed to. RBAC can also help to reduce the attack surface and the potential impact of data breaches, as well as to comply with the privacy laws and regulations that apply to the sensitive data.

The following three rules are essential for RBAC:
• A subject needs to have a role, either by choosing or being assigned one, before they can use a permission.
• A subject’s role must be valid and approved.
• A subject can only use a permission that is allowed for their role.

RBAC has many advantages, such as enhancing security and complying with regulations [5]. However, RBAC also has some challenges, such as needing extensive domain expertise, taking a lot of time to implement, and being hard to maintain.

H. SUPPRESS RAW SQL CAPTURE AND QUERY LITERALS

Another way to protect the data collected by AIOps systems is to suppress raw SQL capture and query literals. Raw SQL capture is a feature that collects the SQL statements executed by the application, along with the dynamic parameters bound to runtime values. Query literals are the actual values of the parameters in the SQL statements. Raw SQL capture and query literals can provide useful information for debugging and performance analysis, but they can also expose sensitive data if they contain personal or confidential information. To prevent this, AIOps systems can disable the capture of raw SQL and query literals or mask the values of the sensitive data. Literals that are part of the WHERE clause of an SQL statement are replaced with *****, for example, WHERE userId = '*********'. For example, AppDynamics offers options to disable raw SQL capture, bind variable capture, and query literal capture for its application monitoring solution [6]. Dynatrace also offers similar suppression and disablement of raw SQL [7]. By suppressing raw SQL capture and query literals, AIOps systems can reduce the risk of data exposure and comply with the privacy laws and regulations that apply to the sensitive data.

I. DATA RETENTION AND ARCHIVING

AIOps tools are dependent on historical performance to produce meaningful insight. It is also important to know how long the data is retained by the AIOps vendors, and how to configure the data retention period according to the needs and preferences of the customers.

Different AIOps vendors have different default data retention periods for the data they collect and analyze. For example, IBM Cloud Pak for Watson AIOps has a default data retention period of 14 days for logs, 15 days for metrics, 90 days for closed alerts, and 30 days for deleted or changed topology resources [8]. AppDynamics has a default data retention period of 4 hours for raw SQL capture and query literals [9]. Dynatrace has a default data retention period of 35 days for metrics, 10 days for logs, and 7 days for user sessions [10]. These default data retention periods can be changed by the customers if they want to keep the data for a longer or shorter time, depending on their requirements and preferences. However, changing the data retention period may have some implications for the performance, scalability, and cost of the AIOps systems.

Therefore, customers should carefully evaluate their data retention needs and options before choosing an AIOps vendor or changing the default data retention period. Customers should also consider the privacy laws and regulations that apply to the sensitive data they collect and store and ensure that they comply with them. By doing so, customers can ensure that they use the data collected by AIOps systems effectively and securely.

The data retention period is a trade-off between accuracy and cost. A shorter period may compromise the quality of the AIOps analysis, while a longer period may incur higher storage expenses and data risks. Therefore, the customer should carefully balance these factors and select the optimal retention period.

J. SECURITY COMPLIANCE

It is essential to ensure that the data collected by AIOps systems is secure and compliant with the relevant laws and regulations.

Security compliance is the process of adhering to the standards and best practices that aim to protect the data from unauthorized access, disclosure, modification, or destruction. Security compliance can involve various aspects, such as data encryption, access control, auditing, logging, backup, recovery, and incident response. Security compliance can also vary depending on the type, location, and jurisdiction of the data, as well as the industry, sector, and organization that owns or uses the data. Some of the common security compliance frameworks and regulations that apply to the data collected by AIOps systems are:
- Payment Card Industry Data Security Standard (PCI DSS): This is a set of requirements that apply to any organization that processes, stores, or transmits cardholder data, such as credit card or debit card information. PCI DSS aims to ensure the security and
privacy of the cardholder data and prevent fraud and identity theft [13].
- ISO 27001: ISO 27001 is an international standard that specifies the requirements for establishing, implementing, maintaining, and improving an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical, and technical controls involved in an organization’s information risk management processes. ISO 27001 [14] covers all types of information, regardless of the format, location, or ownership. ISO 27001 certification is a voluntary process that involves an independent audit by an accredited certification body. The audit consists of two stages: Stage 1 is a document review to verify the compliance of the ISMS with the ISO 27001 requirements, and Stage 2 is an on-site visit to validate the implementation and operation of the ISMS. The certification is valid for three years, subject to annual surveillance audits and a recertification audit at the end of the cycle.
- SOC 2 Type 2: SOC 2 Type 2 [15] is a report that provides an independent assessment of the security, availability, processing integrity, confidentiality, and privacy controls of a service organization. A service organization is an entity that provides services to other entities, such as cloud computing, data hosting, software development, or IT outsourcing. SOC 2 Type 2 covers the design and operating effectiveness of the controls over a period of time, typically between six months and one year. SOC 2 Type 2 is based on the criteria set by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles and Criteria. SOC 2 Type 2 attestation is a voluntary process that involves an audit by a licensed Certified Public Accountant (CPA) or accountancy organization. The audit consists of two phases: Phase 1 is a readiness assessment to evaluate the readiness of the service organization to undergo the SOC 2 Type 2 audit, and Phase 2 is the actual SOC 2 Type 2 audit to test the design and operating effectiveness of the controls. The attestation is valid for the period covered by the audit, and can be renewed annually.
- Health Insurance Portability and Accountability Act (HIPAA): This is a US federal law that regulates the privacy and security of protected health information (PHI), which is any information that relates to the health or health care of an individual. HIPAA [16] applies to any organization that creates, receives, maintains, or transmits PHI, such as health care providers, health plans, or health care clearinghouses.
- General Data Protection Regulation (GDPR): This is a European Union (EU) regulation that governs the collection, processing, and transfer of personal data, which is any information that relates to an identified or identifiable individual. GDPR [17] applies to any organization that offers goods or services to individuals in the EU, or monitors the behavior of individuals in the EU, regardless of the location of the organization.
- California Consumer Privacy Act (CCPA): This is a US state law that grants certain rights and protections to the consumers of California regarding their personal information, which is any information that identifies, relates to, describes, or is reasonably capable of being associated with a particular consumer or household. CCPA [18] applies to any organization that does business in California and meets certain criteria, such as having annual gross revenues of more than $25 million, or collecting or selling the personal information of more than 50,000 consumers, households, or devices.

AIOps vendors are the providers of AIOps solutions, such as platforms, tools, or services, that enable the customers to leverage AI and ML for IT operations [11]. AIOps vendors are responsible for ensuring that the data collected by their solutions is secure and compliant with the applicable laws and regulations. AIOps vendors can achieve security compliance by following various steps, such as:
- Conducting a risk assessment and gap analysis to identify the potential threats and vulnerabilities of the data, and the current state and desired state of the security controls and measures.
- Implementing and maintaining the appropriate security controls and measures, such as data encryption, access control, auditing, logging, backup, recovery, and incident response, according to the best practices and standards of the industry and the organization.
- Monitoring and testing the effectiveness and performance of the security controls and measures, and reporting and resolving any issues or incidents that may occur.
- Reviewing and updating the security policies and procedures and providing training and awareness to the staff and the customers, to ensure the alignment and compliance with the changing laws and regulations.

Security compliance is a critical and challenging aspect of AIOps, as it involves the protection and regulation of a large amount of sensitive data that is collected and analyzed by AIOps systems. AIOps vendors play a key role in ensuring that the data collected by their solutions is secure and compliant with the relevant laws and regulations. By doing so, AIOps vendors can enhance the trust and confidence of their customers and deliver value and benefits to their business and IT operations. Customers should also verify that AIOps vendors have the necessary certifications that align with their own security compliance standards.

V. ACKNOWLEDGMENTS

I would like to thank anonymous reviewers for the comments and suggestions.

VI. SUMMARY

The article explores the security issues and solutions for AIOps, which applies AI and ML to IT operations. The article highlights that security is a joint duty of the customer and the AIOps vendor.

VII. REFERENCES

[1] Splunk. (2023, January 03). Splunk universal forwarder. Splunk. https://www.splunk.com/en_us/blog/learn/splunk-universal-forwarder.html.
[2] Tanczer, L. M., Deibert, R. J., Bigo, D., Franklin, M. I., Melgaço, L., Lyon, D., Kazansky, B., & Milan, S. (2020). Online surveillance, censorship, and encryption in academia. International Studies Perspectives, 21(1), 1-36.
[3] Krawczyk, H., Paterson, K. G., & Wee, H. (2013). On the security of the TLS protocol: A systematic analysis. In R. Canetti & J. A. Garay (Eds.), Advances in cryptology – CRYPTO 2013 (pp. 429-448). Springer.
[4] Duckworth, A. L., Matthews, M. E., & Kelly, G. (2019). The role of grit in academic achievement: A meta-analysis of 63 years of research. Journal of Personality and Social Psychology, 116(6), 1018–1030. https://doi.org/10.1037/pspa0000204
[5] McCarthy, M., Brown, S. (2020). Role-based access control (RBAC) for databases, servers, and Kubernetes. https://www.strongdm.com/rbac
[6] AppDynamics. (2023). Sensitive data collection and security. https://docs.appdynamics.com/appd/22.x/22.3/en/appdynamics-essentials/sensitive-data-collection-and-security
[7] Dynatrace. (2023). Support for SQL bind variables. https://docs.dynatrace.com/docs/platform-modules/applications-and-microservices/databases/support-for-sql-bind-variables
[8] IBM. (2023). Data retention. https://www.ibm.com/docs/en/cloud-paks/cloud-pak-aiops/4.1.2?topic=compliance-data-retention
[9] AppDynamics. (2014). Database size and data retention. https://docs.appdynamics.com/display/PRO14S/Database+Size+and+Data+Retention
[10] Dynatrace. (2023). Data retention periods. https://docs.dynatrace.com/docs/manage/data-privacy-and-security/data-privacy/data-retention-periods
[11] Dang, Y., Lin, Q., & Huang, P. (2019, May). Aiops: real-world challenges and research innovations. In 2019 IEEE/ACM 41st International Conference on Software Engineering: Companion Proceedings (ICSE-Companion) (pp. 4-5). IEEE.
[12] Shen, S., Zhang, J., Huang, D., & Xiao, J. (2020, August). Evolving from traditional systems to AIOps: design, implementation and measurements. In 2020 IEEE International Conference on Advances in Electrical Engineering and Computer Applications (AEECA) (pp. 276-280). IEEE.
[13] DSS, W. I. P., & COMPLY, W. N. T. (2010). Payment Card Industry Data Security Standard (PCI DSS). Payment Card Industry Security Standards Council (PCI SSC).
[14] Brenner, J. (2007). ISO 27001 risk management and compliance. Risk management, 54(1), 24-29.
[15] Imperva. (n.d.). SOC 2 Compliance. Imperva. https://www.imperva.com/learn/data-security/soc-2-compliance/
[16] Gostin, L. O., Levit, L. A., & Nass, S. J. (Eds.). (2009). Beyond the HIPAA privacy rule: enhancing privacy, improving health through research.
[17] Tankard, C. (2016). What the GDPR means for businesses. Network Security, 2016(6), 5-8.
[18] de la Torre, L. (2018). A guide to the california consumer privacy act of 2018. Available at SSRN 3275571.
Rijmen, V., & Daemen, J. (2001). Advanced encryption standard. Proceedings of federal information processing standards publications, national institute of standards and technology, 19, 22.
