Powys County Council has chosen to deploy LogRhythm's integrated log management and Security Information Event Management (SIEM) solution to help cut the cost of complying with government and Payment Card Industry Data Security Standard (PCI DSS) regulations. The Council will also use LogRhythm to proactively identify and remediate internal and external security threats to its critical IT infrastructure.
Powys County Council is responsible for providing local authority services to more than 130,000 people in the county, which spans an area a quarter of the size of Wales. Approximately 2,500 of the Council’s 8,000 employees have access to its IT network, which links 200 offices and schools across the county. In addition to keeping this large network secure, the Council, which connects to the UK Government Connect Secure Extranet (GCSX) in order to process benefits payments, must comply with Good Practice Guide no. 13 (GPG 13). This prescribes the Protective Monitoring of the Council’s network, in order to proactively spot suspicious events and provide an audit trail of past incidents. As it processes credit card payments for council tax and other charges, the Council must also monitor access to network resources in order to achieve PCI compliance. The deployment of centralised real-time analysis of log data generated across the Council’s IT infrastructure plays a large part in ensuring these compliance requirements are satisfied.
The Council has traditionally stored the log data generated by individual network devices in silos. However, with an increasingly complex IT infrastructure and a growing compliance burden, the process of monitoring has become time consuming and expensive to resource. It has therefore been decided to deploy a centralised log management tool that can automatically analyse log data generated across its entire infrastructure, as well as alert on anomalies and ensure ongoing compliance with GPG 13 and PCI regulations. After a review of a number of solutions on the market, Powys opted for LogRhythm’s solution. Key reasons for this decision included LogRhythm’s ability to cost effectively analyse and correlate log data generated by the widest range of sources – including all of the Council’s current IT systems – plus its ease of use.
“We’ve traditionally stored log data on individual devices, but the number of logs generated, and the need to trawl through these manually in order to conduct post-event forensics, means this approach has become far too cumbersome and expensive,” said Councillor Liam Fitzpatrick, Powys County Council Cabinet Member for Information Technology. “By deploying a centralised Protective Monitoring system we will both reduce the cost of achieving PCI and GCSX compliance and better protect our network from external and internal threats. The system is a significant step forward in protecting our network and security is paramount for the council.”
“LogRhythm’s solution suits our needs perfectly. Not only is it capable of managing, analysing and correlating our entire estate’s log data, it produces alerts and reports in plain English, rather than error codes, helping us immediately understand what the problem is. We have exceptional staff in the authority and the solution will be of huge benefit to them,” continued Councillor Fitzpatrick.
LogRhythm’s solution will analyse log data generated by all of Powys County Council’s critical IT systems, including its active directory, firewalls, financial systems as well as its HR and social services databases. From a single, customisable dashboard, the Council’s IT team will be able to gain a complete overview of all these assets, while the solutions’ out-of-the box reporting capabilities means that, from day one, it will able to produce reports that prove compliance with the requirements of both PCI DSS and GPG 13. The dashboard also provides Powys with the added benefit of being able to spot and fix inefficiencies in its IT operations.
“Powys County Council, like so many local authorities, faces an increasingly complicated challenge when it comes to IT security. Firstly, it must secure an increasing amount of data and, secondly, it must adhere to more and more compliance directives. And all this needs to be undertaken at a time when public sector IT budgets are under close scrutiny,” said Ross Brewer, vice president and managing director, international markets, LogRhythm. “By opting for an automated system capable of monitoring multiple data sources, producing auditor-friendly reports and spotting operational inefficiencies, the Council is meeting these challenges in the most affordable way.”