Integrated log management and SIEM solution simplifies compliance with GCSX and PCI standards
04 October, 2011 - LogRhythm, the company that makes log data useful, today announced that Stoke-on-Trent City Council has chosen to deploy its integrated log management and Security Information and Event Management (SIEM) solution, to achieve compliance with Good Practice Guide no. 13 (GPG 13) and simplify the Payment Card Initiative Data Security Standard (PCI DSS) regulatory burden. The Council will also be using LogRhythm’s solution to strengthen its networks by proactively identifying and remediating any security threats – both internal and external – across its IT infrastructure.
With approximately 4,500 employees accessing its corporate IT network, Stoke-on-Trent City Council’s infrastructure spans 250 offices and schools across the city. On top of keeping this sizeable IT system secure, the Council must observe numerous compliance requirements in order to provide local authority services to more than 240,000 of its citizens. For example, the Council needs access to the UK Government Connect Secure Extranet (GCSX) to enable the processing of benefits payments, to communicate with other public sector organisations, such as the police, and to access centralised government databases. Access to GCSX requires compliance with GPG 13, which stipulates that network activity must be protectively monitored as a way of proactively spotting unusual or suspicious behaviour. In addition, the Council processes card payments, so Protective Monitoring capabilities are also required in order to comply with PCI DSS requirements.
Prior to the LogRhythm deployment there was no centralised approach to logging – major applications each handled their own logs independent of one another. This approach created challenges for the Council as there was no simple way of actioning queries or producing reports. During the selection process, the Council evaluated a number of solutions from competing vendors and chose LogRhythm for its superior understanding of GPG 13 compliance requirements, its advanced reporting suite, and the solution’s value for money.
“GPG 13 compliance is critical for any council’s day-to-day operations, with essential activities such as electronic correspondence with police and processing benefit claims dependent on GCSX access,” said Ross Brewer, vice president and managing director, international markets, LogRhythm. “LogRhythm’s understanding of GPG 13 and other public sector compliance issues was a major factor when the Council decided to deploy our technology. The standard requires centralised logging, while monitoring, alerting and other reporting functions are also very important. Although other solutions promise these capabilities, it is often the case that the reporting function either needs to be built from scratch or it involves an additional cost – a situation that was encountered by Stoke-on-Trent City Council during its selection process. Our system provides this functionality out of the box and also includes PCI DSS reporting as part of the package.”
Councillor Paul Shotton, cabinet member for transformation and resources, said: “This deployment will help bring our current systems into the 21st century as we strive to make our services more confident and efficient for staff and in turn for the customers we support, as outlined in the city council’s Mandate for Change. Our IT requirements are extremely vast as we have a number of sites to manage and so anything which helps with that management can only be a benefit to the city council.”
Brewer continued, “In the face of rising scrutiny over public sector IT budgets, it is certainly a challenge for organisations like Stoke-on-Trent City Council to adhere to increasingly stringent compliance requirements. Now compliant with GPG 13, the Council can build on the value added functionality that the LogRhythm system can provide, including improved network security, tracking internal activity, identifying trends and ensuring best practice procedures are followed. In addition, it has also deployed a system that is designed to cope with future challenges, including the transition from GCSX to Public Sector Networks (PSN).”
LogRhythm is a world leader in NextGen SIEM, empowering thousands of enterprises on six continents to successfully reduce cyber and operational risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm NextGen SIEM Platform combines advanced security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) in a single end-to-end solution. LogRhythm’s technology serves as the foundation for the world’s most modern enterprise security operations centers (SOCs), helping customers measurably secure their cloud, physical, and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm NextGen SIEM Platform has won countless customer and industry accolades. For more information, visit logrhythm.com.