Prospects Ensures Regulatory Compliance and Increased Security with LogRhythm

UK’s leading training and guidance service selects LogRhythm’s integrated log management and next-generation SIEM solution

02 October 2012 – LogRhythm, a leader in cyber threat defence, detection and response, today announced that Prospects Services Ltd, the leading education, employment and training group, has deployed its integrated log management and Security Information and Event Management (SIEM) solution to ensure compliance with standards such as ISO27001 and regulations such as the HMG Security Policy Framework (SPF). The LogRhythm platform also provides the organisation with increased network visibility, boosting its overall IT security posture.

As the UK’s largest national supplier of careers-related information, advice and guidance, providing services to adults, young people and offenders, Prospects is charged with safeguarding large volumes of sensitive personal information. The majority of Prospects’ contracts are with the public sector, with local authorities, government departments and bodies such as Ofsted. As a result, the company is required to follow government regulations such as the SPF and Good Practice Guide no. 13 (GPG 13), which stipulates that network activity must be continuously monitored as a way of proactively identifying unusual or suspicious behaviour. This is critical to ensure delivery against these contracts as well as to gain access to the government’s new Public Services Network (PSN).

Prospects has over 1,300 employees based in more than 60 locations and is continuing to expand, so generating growing volumes of IT network log data across increasingly disparate IT systems. Its existing method of log data collection and analysis, where the log data was collected both manually and with various freeware programmes across different environments, was resource intensive. Prospects therefore identified the need to deploy a centralised log management and SIEM solution, which would ensure the company cost-effectively delivered on regulatory compliance, while improving network security. Following an extensive evaluation process, the company chose LogRhythm for the solution’s intuitive nature, cost-effectiveness and its unique ability to automatically demonstrate compliance with government frameworks upon deployment.

“LogRhythm stood out due to its intuitive nature while still providing the deepest level of visibility out of all the solutions we evaluated,” said Steven Macciolli, security officer and IT change manager at Prospects. “Furthermore, its competitors required huge initial investments – in contrast, LogRhythm offered rapid, higher returns on a lower investment, while also delivering value-added functionalities. We were looking for an integrated, centralised log management and next-generation SIEM solution that could cost-effectively ensure compliance while simultaneously helping us improve our IT security and ultimately become more competitive in the marketplace. Simply by deploying LogRhythm’s solution, we’ve demonstrated compliance with various government frameworks – a benefit no other systems we evaluated offered. Going forward, we’ll be further utilising LogRhythm to help us gain PSN accreditation.”

“This deployment is further validation of how LogRhythm significantly helps organisations simplify the compliance process,” said Ross Brewer, vice president and managing director, international markets at LogRhythm. “By adopting a protective monitoring approach, Prospects now has the visibility in its IT infrastructure required to build effective compliance strategies. With its business model dependent on its public sector contracts and its ability to safeguard sensitive information, Prospects is faced with growing pressure to secure an increasing amount of data and the need to adhere to ever more compliance directives. By deploying LogRhythm’s platform, the company is now future-proofed against the Big Data challenge and increasingly stringent regulatory requirements.”