Reducing data log analysis costs with real-time analysis and security tool
Local authority expands use of SIEM technology internally to ensure compliance with all accreditation requirements across Durham and thwart data breaches
Durham County Council, a local government organisation employing 18,000 staff members and representing a population of half a million, recently deployed LogPoint’s intuitive SIEM technology to reduce its operational costs by almost 50 per cent in comparison to its previous provider.
SIEM (Security Information and Event Management) is a tool that provides real-time analysis of data logs and alerts users to potential security threats within an organisation. The council, which covers an area including 12 towns and cities, has extensive compliance and accreditation requirements, including the NHS Information Governance Toolkit, Payment Card Industry (PCI) and BACS.
A key factor in selecting LogPoint technology to expand the council’s use of SIEM technology was deploying the system on a much greater scale. A total of 143 distinct devices are now configured to the tool, providing a far greater contextual overview of security situations as they arise. There are further plans to incorporate even more systems into the SIEM over the coming months, as well as become increasingly proactive in identifying and thwarting security situations, due to the notifications and updates the system provides.
Paul Woods, Information Security Officer at Durham County Council states:
“Access to our previous SIEM was restricted to only two members of the technical services team. By utilising SIEM from LogPoint we have been able to open the door for other ICT areas, including the ICT service desk. They are now able to perform their own searches and follow up virus alerts. We can also trace the viruses back to the originating PC and identifying the alert trigger – thus containing any virus threats.”
This wider SIEM utilisation has also allowed Durham County Council to automate compliance reporting. This creates time efficiencies, which in turn means less manual log inputting, allowing high-level IT team members to focus on important tasks. Utilising SIEM is now enabling compliance requirements to be met comprehensively, and ensure the necessary processes are in place to satisfy the upcoming General Data Protection Regulations (GDPR).
Paul Woods continues:
“As a local authority, Durham County Council holds public data and collects revenue, and is therefore subjected to multiple compliance regulations. LogPoint’s simple, upfront pricing model not only makes the SIEM tool more affordable, but also enables us to integrate a larger variety of systems, meaning more data can be retrieved. For us, this means greater compliance, and better intelligence. It also makes use of a universal language for both custom alerts and reporting. This means we can now create our own searches, something we were unable to do previously. The outstanding offering – in terms of looks and features – makes LogPoint a vital tool for our ICT department.”
Graeme Stewart, Managing Director of LogPoint UK & Ireland, states:
“The council’s previous SIEM had a recurring issue with data loss. By implementing updated SIEM technology, Durham County Council has been able to resolve the issue which enables them to stay compliant with the many regulations they must adhere too. LogPoint’s mission is also to make the benefits of SIEM felt beyond just compliance. Durham has been able to halve operational costs and can now facilitate new and easier ways of loading data logs. We look forward to supporting Durham County Council and continuing to drive efficiencies across the organisation into the future.”