Using Twilio Monitor for Change Management

Using Twilio Monitor for Change Management

“One advantage in keeping a diary is that you become aware with reassuring clarity of the changes which you constantly suffer.” An old quote, but surprisingly befitting for IT change management.

In the world of software, changes can also equal suffering. Unintentionally deleting files, mis-configuring features, and applying the wrong access privileges are just a few of the many ways things can go wrong when changes are made. And depending on what’s at stake, the cost of not seeing the signs of these problems can range from a few engineering hours, to losing customers. Not to mention the fact that you may be violating company policy or industry regulations if you don’t have visibility into these changes.

To help combat these problems, Twilio Monitor Events gives you full visibility into all changes to your Twilio account, whether that’s a user’s permissions being updated, a message log being deleted, or a new payment method being created. In this follow up post to our best practices guide for using Monitor to manage your phone number inventory, we will explore how to customize and consume monitor to maintain visibility over your Twilio usage and track changes, as well as adhere to industry standards and data retention policies.

Let’s take a look at the various tools Monitor offers to oversee and manage your Twilio usage.

Dashboard for Data Aggregation and Forensic Analysis

First and foremost, Monitor provides a comprehensive event log which serves as a holistic dashboard for all changes that have historically been made to your Twilio account. This will serve as a hub for all active users on your account to see any changes that have been made by other users or through the API as needed for forensic analysis. Each Event is like a log entry that captures:

• Date of event
• Which resource was affected (Phone Number, User, Data Policy, etc.)
• Event Type (Updated, Created, Deleted)
• Who caused the event
• Source (via Web, API, Twilio Admin, etc.)
• IP address used to enact change
• Any related event data (like what properties were changed)

From this view you can drill down into the event types that are most important to your operations. You can filter by time, event type, actor, and more.

Let’s say, for example, you expect one of your team members’ Twilio account/password has been compromised within the last 7 days. You can use filtering to easily see every action that the specific user has taken within that timeframe:

In this example I filter by my user SID to see what actions I have taken over the last week, and discover I have maliciously deleted my own fraud usage triggers. I can now take action on this information by reinstating this trigger, resetting my password, etc.

Adhere to Industry Standards, Create Your Own Data Policies

Your Twilio usage is unique to your product and use case. While we want to equip every customer with the tools needed to monitor each aspect of their Twilio usage, we recognize the data policies needed to operate in the Healthcare industry are very different than those needed to operate in the Automotive industry.

This is why Monitor lets you pick and choose which events Twilio will log, to ensure we are only saving and presenting the events that are important to your operation. By increasing or decreasing the amount of event-types tracked, your event log dashboard will be populated with the events that are vital to your specific use case.

In the Configure Events tabs within your account portal, you can specify which event types and change types you want to log, and how long you want Twilio to save those events. This is especially powerful when you are responsible for providing the data retention necessary for compliance requirements.

To make another example, let’s assume an industry standard mandates that you delete all your call data to protect customers’ privacy, and you are responsible for keeping evidence of this deletion for 6 months. In the Configure Events tab, you can select to store all events regarding call record deletion for 180 days, which allows you to reproduce this evidence either through the account portal, or via the API