Security information event management and integrated file integrity monitoring bring new efficiencies and savings to charity
Security information event management and integrated file integrity monitoring bring new efficiencies and savings to charity
St John Ambulance, the UK first aid charity, is addressing Payment Card Industry Data Security Standard (PCI DSS) compliance with the implementation of a security information event management (SIEM) solution from LogRhythm.
Provided by Softcat, a provider of software licensing, hardware, security and related IT services, LogRhythm will introduce a new level of automated reporting and alerting to St John Ambulance, which will simplify how the organisation manages its network and meets its compliance responsibilities.
St John Ambulance helps people learn first aid so that they can be the difference between a life lost and a life saved. The organisation teaches more people first aid than any other, with more than 800,000 people receiving St John Ambulance training each year in schools, workplaces or in the community.
With income generated by its first aid training programmes and supplies, service delivery programmes, which provide first aid at public events, and through charitable donations, St John Ambulance is classed as a Level 3 PCI DSS merchant. In order to meet the log data requirements of PCI DSS, St John Ambulance assessed a number of log data offerings before selecting Softcat and LogRhythm.
Karl Heydenrych, St John Ambulance IT director, explained: “Softcat demonstrated an excellent understanding of our operation and how the different technologies available could help meet our needs. As such, we fully trusted the company’s suggestion that we add LogRhythm to our shortlist of log data management solution providers.
“We evaluated a number of offerings but LogRhythm stood out as being more flexible and configurable than the others. We believe that this ensures a better fit for our business and brings us a faster return on investment, which is important for us as a charity, so we can equip more people with first aid skills.”
He added: “Additionally, LogRhythm was the only solution we found that offered integrated file integrity monitoring. Not only would this negate the need for us to purchase an additional solution to meet the specific file integrity monitoring requirements of PCI DSS, but it would simplify and strengthen our security, audit and compliance processes.”
Bringing proactivity to charity’s analysis
Implemented by specialist security distributor and LogRhythm partner, Vigil Software, LogRhythm will collect logs from the various PCI DSS components on the St John Ambulance network and will alert on any out of ordinary activity – from firewall to workstation activity.
Before LogRhythm, St John Ambulance’s IT team collected log data manually, which made any analysis or forensic investigations time consuming and more reactive than proactive. Beyond the PCI DSS compliance implementation, St John Ambulance anticipates developing LogRhythm’s use to provide better visibility over changing activity across the entire IT estate by capturing and reporting on anomalies as and when they occur.
Ross Brewer, vice president and regional managing director in Asia Pacific and Europe, Middle East and Africa at LogRhythm added: “Charitable organisations such as St John Ambulance are no more immune to internal or external threats than any large blue chip company. However they do often have a greater challenge when it comes to keeping operational costs minimal. Having file integrity monitoring fully included within the SIEM solution ensures a straightforward approach to identifying that any unauthorised modifications to systems or files without the added expenditure and time required to install and operate a separate system.”
