|
SecureVue allows us to present the compliance of the whole network in seconds. Having this total view of the network allows us to trace the effects of security events from the root cause, giving us complete accountability.” John Leigh, Head of Information Technology, North Western Deanery.
THE ENTERPRISE — North Western Deanery
Funded by the National Health Service (NHS), the North Western Deanery develops and maintains high quality post-graduate training for junior doctors and dentists throughout the north west of England. It is also responsible for supervising doctors in their pre-registration practicum year, for quality continuing medical and dental education opportunities, and for assisting in planning the UK’s future medical and dental workforce. A primary priority for the Deanery is to ensure that the educators delivering the training are competent and confident in their role as both classroom instructors and practicum supervisors for over 3,000 postgraduate trainees.
THE CHALLENGE
The Deanery’s information systems contain sensitive personal information on medical trainees, dental trainees and educators served presently and in the past. With Deanery staff, doctors, dentists and trainers accessing the network frequently, this personal information must remain secure.
In addition, the Deanery’s network recently joined the Connecting for Health network of the National Health Service (NHS), probably the largest and most secure private network in the UK. Because of the highly sensitive patient information it contains, the NHS network must not allow inappropriate access via networks connecting to it. Thus, it imposes strict principles of information security on all connecting networks through a governance audit and security event management framework that includes regularly scheduled security self-assessments as well as on-going security audits by NHS.
From the perspective of the North Western Deanery, the information security challenge had three dimensions: to strengthen the protection of its own information resources, to comply with the audit and security framework of the NHS network, and to increase operational efficiency so it could meet the first two challenges without expanding its small, three-person Security Operations Centre (SOC). This third challenge was made especially difficult since security compliance audits at the Deanery had always been very laborious manual efforts that fell to the SOC staff. John Leigh, Head of IT at the Deanery, realized that they could meet this challenge only though a very dramatic efficiency boost for his small SOC staff, an efficiency boost that would be possible if the staff could:
• See the network from one enterprise-wide console that displayed information from all nodes including laptops, firewalls, servers and routers
• Understand the compliance posture of the whole network in seconds
• Identify the root cause of security incidents in seconds, not days or months
• Generate a compliance audit report at the press of a button
• Reduce complexity by deploying a single platform that integrates both security and compliance management
THE SOLUTION
The North Western Deanery selected eIQnetworks’ flagship SecureVue® platform—a platform integrating Security Information and Event Management (SIEM) and IT security and compliance management management—to proactively manage security, identify threats and support audit requirements, as well as to aggregate disparate application and flow data more effectively across the entire organization. The Deanery was able to fortify protection of its own data and resources with SecureVue’s single console that allows users from different teams to view the same data across the whole enterprise network through a role-based, customizable user interface. With SecureVue, Deanery SOC staff can now identify problems and drill down to discover the root causes in seconds.
To address the Deanery’s compliance and audit needs, SecureVue delivers the ability to view compliance trouble spots anywhere on the network in seconds. With its customization support, SecureVue’s interface can be modified to match the needs of different staff members so that the Deanery’s compliance posture can be viewed at a high level by management or at a more detailed level by the SOC staff that must identify and resolve potential issues in seconds. The Deanery can also now generate a compliance report at the push of a button as needed.
To boost efficiency enough to allow all this to be accomplished with the existing SOC staff, SecureVue delivers the industry’s only complete SIEM package that analyzes much more than syslog and network flow data. While the Deanery has focused almost exclusively on syslog data, SecureVue allows them to automatically collect and correlate all important security data collected over months: asset, configuration, performance, vulnerability and network flow as well as syslog data. This means that data on millions of potential security events is rapidly and automatically correlated and reduced to a manageable handful of security incidents or compliance gaps.
THE END RESULT
After carefully reviewing the available SIEM and IT security and compliance management point products, John Leigh chose SecureVue for North Western Deanery because, in his words, “SecureVue allows all our staff to have the information they need delivered directly to them when they need it. It allows us to view the entire network through a single view point, and the content viewed can be customized to the needs of the user.” eIQnetworks’ SecureVue accomplishes this for the Deanery by:
• Delivering a single, enterprise-wide console that displays all IT security and compliance management and SIEM data across the entire enterprise and presents the compliance posture of the enterprise
• Simplifying IT management through the integration of IT security and compliance management and SIEM in a single platform that 1) presents—out of the box—audit reports which provide management with a quick understanding of overall compliance and security posture, 2) correlates security data across multiple data silos to identify critical security breaches, and 3) provides operations team with ALL DATA needed to quickly resolve compliance gaps and security incidents
• Increasing the operational efficiency of IT staff so they could accomplish all of the above without adding staff and off-loading other responsibilities
• Reducing the total cost of ownership of IT security and compliance management and SIEM solutions by consolidating disparate compliance and security solutions into one, integrated platform
|
