Security Information Event Management coupled with integrated File Integrity Monitoring bring new efficiencies and savings to charity
Maidenhead, 01 July 2010 - St John Ambulance, the nation’s (UK) leading first aid charity, is addressing Payment Card Industry Data Security Standard (PCI DSS) compliance with the implementation of a security information event management (SIEM) solution from LogRhythm, the company that makes log data useful. Provided by Softcat, a provider of software licensing, hardware, security and related IT services, LogRhythm will bring a new level of automated reporting and alerting to St John Ambulance which will simplify how the organisation manages its network and meets its compliance responsibilities.
St John Ambulance helps people learn first aid so that they can be the difference between a life lost and a life saved. The organisation teaches more people first aid than any other, with more than 800,000 people receiving St John Ambulance training each year in schools, workplaces or in the community.
With income generated by its first aid training programmes and supplies, service delivery programmes which provide first aid at public events, and through charitable donations, St John Ambulance is classed as a Level 3 PCI DSS merchant. In order to meet the log data requirements of PCI DSS, St John Ambulance assessed a number of log data offerings before selecting Softcat and LogRhythm. Karl Heydenrych, IT director, St John Ambulance explains the choice:
“Softcat demonstrated an excellent understanding of our operation and how the different technologies available could help meet our needs. As such, we fully trusted the company’s suggestion that we add LogRhythm to our shortlist of log data management solution providers. We evaluated a number of offerings but LogRhythm stood out as being more flexible and configurable than the others. We believe that this ensures a better fit for our business and brings us a faster return on investment, which is important for us as a charity, so we can equip more people with first aid skills. Additionally, LogRhythm was the only solution we found which offered integrated File Integrity Monitoring. Not only would this negate the need for us to purchase an additional solution to meet the specific File Integrity Monitoring requirements of PCI DSS, but it would simplify and strengthen our security, audit and compliance processes.”
Implemented by specialist security distributor and LogRhythm partner, Vigil Software, LogRhythm will collect logs from the various PCI DSS components on the St John Ambulance network and will alert on any out of ordinary activity – from firewall to workstation activity.
Before LogRhythm, St John Ambulance’s IT team collected log data manually which made any analysis or forensic investigations time consuming and more reactive than proactive. Beyond the PCI DSS compliance implementation, St John Ambulance anticipates developing LogRhythm’s use to provide better visibility over changing activity across the entire IT estate by capturing and reporting on anomalies as and when they occur.
Ross Brewer, vice president & managing director APAC & EMEA at LogRhythm adds, “Charitable organisations such as St John Ambulance are no more immune to internal or external threats than any large blue chip company. However they do often have a greater challenge when it comes to keeping operational costs minimal. Having File Integrity Monitoring fully included within the SIEM solution ensures a straightforward approach to identifying that any unauthorised modifications to systems or files without the added expenditure and time required to install and operate a separate system.”
St John Ambulance has recently launched a campaign to encourage businesses to train more staff in first aid, in order to tackle the issue that 150,000 people die each year when first aid could have given them a chance to live. For more information visit http://www.sja.org.uk
LogRhythm is a world leader in NextGen SIEM, empowering organizations on six continents to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) framework serves as the foundation for the AI-enabled security operations center (SOC), helping customers measurably secure their cloud, physical and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm platform has won many accolades, including being positioned as a Leader in Gartner’s SIEM Magic Quadrant.