LogRhythm log management, analysis and event management software combines GCSX, ISO27002/1 and PCI DSS compliance with safer public online interaction
19 May 2009 - Surrey Heath Borough Council has implemented a log management, log analysis and event management solution from LogRhythm, the company that makes log data useful. LogRhythm will not only help Surrey Heath meet GCSX, ISO27002 and PCI DSS compliance, but it will play a valuable role in creating a safer online environment for the public when transacting with the Council via its website.
Surrey Heath Borough Council covers an area of 36.5 square miles and is responsible for providing services to over 81,000 citizens. While the Council had been manually checking the log data generated by its different servers, this was time-consuming and it was not immediately apparent if an unprecedented incident had occurred. To help ensure easier and quicker compliance with GCSX, and the associated Code of Connection (CoCo) which includes specific requirements on log data, Surrey Heath Borough Council investigated the options for a centralised, automated logging solution. Steve Norwood, Systems Security Officer at Surrey Heath, explains:
“We looked at a number of open source based, self-build options as well as a specific log event management solution but none of these were granular enough to meet our needs and couldn’t portray exactly what was going on across our network on one single screen. We approached our reseller base for advice and the consensus was that LogRhythm was the Rolls Royce product in the market which quite simply couldn’t be beaten. On further examination, we particularly liked LogRhythm’s ability to analyse network patterns and enable the fast and easy forensic investigation into historical activities.”
As well as supporting GCSX, LogRhythm will help Surrey Heath meet the ISO/IEC 27002 best practice recommendations on information security management as well as the Payment Card Industry Data Security Standard (PCI DSS) to ensure the protection of the public’s credit card data when paying for council services.
LogRhythm currently interfaces directly with Surrey Heath’s domain controllers (DC) and Intrusion Protection Systems (IPS). Should any unusual behaviour occur, LogRhythm will notify Surrey Heath’s IT team by text message and email so that they can respond as quickly as possible.
Surrey Heath believes that LogRhythm will have a positive impact on other areas of its operation beyond its initial compliance remit, for example credit card, benefit or identity fraud. As such, the Council anticipates extending LogRhythm’s use to its firewalls, Oracle databases, switches and routers to give an even greater insight into network activity.
Norwood concludes: “LogRhythm is extremely intuitive and easy to use. The company’s knowledge of the public sector was evident, for instance, the solution was pre-configured with specific reporting mechanisms for GCSX and ISO 27002 which makes compliance with these initiatives even easier. LogRhythm is proving itself as a strong, all round product which will benefit Surrey Heath immensely – both from a compliance and general IT best practice perspective.”
Ross Brewer, vice president and managing director, LogRhythm, adds: “Surrey Heath represents LogRhythm’s continued expansion across the public sector. As publicity continues around high-profile data security breaches within the public sector, we are finding that a growing number of organisations are turning to LogRhythm, with its broad application focus, to help them gain a tighter control of exactly what is occurring within their network so that they can act and respond before any damage is done.”
LogRhythm is a world leader in NextGen SIEM, empowering organizations on six continents to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) framework serves as the foundation for the AI-enabled security operations center (SOC), helping customers measurably secure their cloud, physical and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm platform has won many accolades, including being positioned as a Leader in Gartner’s SIEM Magic Quadrant.