Endsleigh Insurance Services has improved its network log data management to help comply with Payment Card Industry Data Security Standard (PCI DSS) regulations.
The company has deployed an integrated log management and security information and event management (SIEM) system from LogRhythm, to gain a unified view of the various security threats and operational issues affecting all parts of its network.
Endsleigh decided to deploy a dedicated log management and SIEM solution when it became clear it could no longer rely on the log data provided by individual applications and network devices in order to prove PCI compliance and spot security threats.
“We needed a solution that would work straight away and provide us with constant reassurance that our infrastructure was compliant and secure,” said Jason Collins, IT project manager at Endsleigh Insurance Services.
“We used to collect and manage log data manually, but with LogRhythm we can now automate this process and have a single view of the entire infrastructure. This means we can now spot even the tiniest of events, including those which would have been missed in the past.”
Endsleigh can now generate reports to prove compliance and act on real-time alerts in case any event takes place that could affect its ability to meet regulations.
It can also monitor and act on security events occurring on any part of the network, spotting both external and internal breaches, such as hack attacks, the abuse of access rights or the unauthorised use of flash drives.
Endsleigh Insurance Services previously moved to reduce its invoice approval times and cut archiving costs with document imaging technology. The firm adopted Version One’s DbArchive document imaging platform, integrating it into its Microsoft Great Plains enterprise resource planning system.