The Flexibility of SIEM in Use: A look at how two customers use EventTracker



A look at how two customers use EventTracker
Case Study
Publication Date: 2012
EventTracker, 8815 Centre Park Drive, Columbia MD 21045
www.eventtracker.com

Introduction

SIEM and log management solutions have been increasingly adopted by organizations throughout the United States due to the wide-ranging benefits they offer. By providing a 360° view of the entire IT infrastructure, a SIEM is the eyes and ears of the IT environment, providing real-time alerting and reporting. EventTracker is a fully-featured SIEM and log management solution that allows organizations to maintain continuous compliance, reduce actual audit times from weeks to days, and increase operational uptime, thereby reducing the stress on the IT team as well as management.

While the primary drivers for implementing a SIEM and log management solution are regulatory compliance, increased security and operational efficiency, different organizations implement and utilize these solutions in the ways that best meet their own needs. In this white paper, we will examine how two different organizations are utilizing EventTracker in real-world environments.

Phreesia: A PCI-DSS Compliance Implementation

If you have been in a doctor's office recently, chances are pretty good that you have been in an office that has switched from taking patient information on paper to an electronic tablet from Phreesia. This tablet lets medical offices have patients fill out forms electronically, improve accuracy, collect co-pays and balances, and verify insurance coverage. Phreesia, founded in 2005 and headquartered in New York, NY, developed this solution, which increases efficiency in doctors' offices. Phreesia has been deployed in thousands of offices, with more than 10,000 tablets in use. All the data from these devices is communicated back to the centralized data center in New Jersey, where it passes through more than a dozen servers performing their various functions such as insurance verification, credit card processing, etc.
In 2010, Phreesia turned to EventTracker to meet its needs for HIPAA compliance (Health Information Privacy Protection Act), because it collects patient information, and for Payment Card Industry Data Security Standards compliance (PCI-DSS Level 1), for credit card processing. A SIEM and log management solution was the final piece needed for their IT infrastructure.

"Before EventTracker we were largely missing centralized auditing," said Troy Polan, Director, Information Technology at Phreesia. The drive to acquire this capability was primarily based on PCI requirements.

PCI-DSS and HIPAA require organizations to monitor and report on similar information, but the exact details may vary. For example, they both require organizations to report on such information as when users log on and log off, logon failures, audit logs, object access, system events and more. EventTracker allows Phreesia to store all this data in a centralized location and quickly access these reports.

"We're tracking everything," said Polan, "we're passing through credit card data and collecting patient information. EventTracker is providing us with the real-time monitoring of the systems that do this."

Mobile Productivity: Evolving Needs

Mobile Productivity, an affiliate of Service Repair Solutions, is headquartered in the desert oasis of Las Vegas, Nevada. Founded in 2003, the company is a market leader in the standardization of inspections, estimating and recommendation processes for automotive repair. Other affiliate companies under the same automotive repair umbrella include Identifix, International Automotive Technicians Network, and Auto Point. Mobile Productivity's solution, Edge WorldClass™, is utilized in more than 800 dealerships across the country, and helps users realize a 4 or 5 to 1 ROI. In 2009 they were recognized by Inc as the 63rd fastest growing software company. Their excellence is evidenced by endorsements from Mercedes Benz, BMW and Chrysler, as well as working partnerships with well-recognized dealer groups such as Penske, AutoNation and Group 1.
In 2009, Mobile Productivity looked to implement a SIEM and log management solution to meet a specific use case: the organization needed a solution to correlate personnel log-ins with time clock data. At the time, they were lacking a centralized solution for analyzing the data, and the manual process was time-consuming and cumbersome. They were originally using Microsoft Back Office, but the event logs showed far too much information to parse manually. After all, their infrastructure consists of more than a thousand workstations, servers and network devices at two locations. With an IT team of 20 people, including desktop support, and server and network admins, there is still a lot to do.

After looking at several potential solutions including ArcSight and Netflow, Mobile Productivity decided to implement EventTracker.

"Our company was very concerned about the value proposition," said CIO Patrick Thurman. "EventTracker provided us with the specific feature-sets we required at the time for an economical price."

It was, and continues to be, a phased implementation for Mobile Productivity. The initial installation was very quick and painless.

"We looked at what we needed to be set up and focused on that rather than trying to do everything at once and being overwhelmed, or worse, not using half of it," said Thurman. "And we were able to be up and running faster than we thought thanks to the excellent training we received."

As time has passed, additional requirements have been uncovered, and Mobile Productivity has started to use the appropriate functionality EventTracker already has built in. For example, the initial requirement was for auditing users. However, that has evolved to auditing certain event types such as user adds/deletes, file changes, file access and more. If events fall outside of their defined parameters, the administrators receive alerts.

"EventTracker ended up filling several needs, some of which we didn't even know we had, and many of these we are beginning to care more about," said Thurman.

As the years have passed, additional requirements have surfaced. Mobile Productivity is now building and implementing the plans to become PCI-DSS and SOX 404 compliant.
They are working to identify the compliance plans, determine additional devices that need to be monitored and configure the reporting parameters required. But Patrick will not be alone.

"I am just now getting people on board that will be able to fully utilize the capabilities of EventTracker, more than we have in the past, and be able to perform security and compliance monitoring," said Thurman.

Mobile Productivity is planning to expand the coverage to include more workstations and servers, and incorporate the monitoring of a third facility. Additional optional modules are also being considered to increase the functionality of this powerful SIEM solution.

Conclusion

As you can see from these two brief stories of EventTracker customers, the initial reason for implementing a SIEM, and how it is used, can vary from organization to organization. In both instances, the customers were able to satisfy their individual requirements, and even find ways that EventTracker can satisfy additional requirements. With the use case and scope clearly defined, organizations are able to simplify the monitoring of their IT infrastructure and meet their overall goals.

About EventTracker

Founded in 1999, EventTracker was a pioneering force in the development of Log Management technology. Building on its reputation as an innovator, the company today delivers the most comprehensive Security Information and Event Management (SIEM) solution in the industry, powered by a unique combination of real-time Log Management and Correlation with Change and Configuration Management. EventTracker's customer-centric approach and award-winning software enable more than 1,000 customers worldwide to mitigate internal and external threats, comply with a variety of regulatory requirements, and improve IT processes and service availability. Additionally, EventTracker maximizes investment, improves IT processes and achieves tangible, demonstrable cost savings.