Williams Lea, a business processing outsourcing (BPO) firm, has chosen to deploy LogRhythm’s integrated log management and Security Information and Event Management (SIEM) software, to meet information security management standard ISO 27001 and the Payment Card Initiative Data Security Standard (PCI DSS). Williams Lea is also using the software firm to help optimise the efficiency of its UK operations, and for security across its IT.
Tasked with managing the entire communications lifecycle – both externally and internally – for its clients, Williams Lea has high volumes of information from financial services, retail, telecoms, the pharmaceutical and public sectors. ISO 27001, ISAE3000 and PCI DSS standards require the continuous, automated collection and analysis of all log data generated by IT. With more than 4,500 employees in the UK accessing its network, which was generating increasingly large volumes of log data, Williams Lea needed centralised log management to bolster the security of its systems while improving the efficiency of the IT estate. Williams Lea reviewed a number of offerings.
Andrew Allison, Information Security Manager, Williams Lea, says: “We required a solution that could cater to the diverse nature of our business and enable us to automate log management across all the different platforms and domains our IT systems operate on – a key requirement of ISO 27001 and PCI DSS regulations. We were monitoring millions of event logs every day, and LogRhythm’s centralised and automated solution stood out for being able to help us meet these compliance requirements quickly and efficiently. The solution has clearly been designed with the end-user in mind, offering advantages such as value for money, simple implementation and ease of use compared with the other solutions we evaluated. We received excellent support from both LogRhythm and our IT systems partner Armana, which provided us with exceptional service and an outstanding level of assistance throughout the entire deployment process.”
Since implementation, Williams Lea says that it has not only ensured compliance with regulatory requirements, but it has also utilised the actionable intelligence to improve the security and efficiency of its IT.
“The LogRhythm solution monitors consolidated user account activity across our networks, allowing us to identify and remediate any suspicious behaviour and potential security threats in real-time. For example, this enables us to immediately recognise and prevent any previous employees attempting to access our system,” said Andrew Allison. “Due to the solution’s intuitive automated report generation capabilities, operational efficiency across our IT infrastructure has also dramatically improved. The hours required for log review have already been reduced by two to three hours a day, and we will be expanding on our usage of the solution to optimise efficiency across our operations.”
