
Critical IT services need dedicated SOC for GDPR compliance

Log your IT activities in a SOC to comply with GDPR and in a local private cloud to comply with NIS.

The General Data Protection Regulation (GDPR) mandates that a company report any security incidents, such as vulnerabilities and personal data breaches, within 72 hours, and you must also be able to detect said breaches. This will be even tighter for critical services like health, energy and communications. Sweden’s new National Information Security (NIS) regulation will require security incidents to be reported within 24 hours in these sectors.

Basefarm offers a managed Security Information and Event Management (SIEM) solution which is monitored by our Security Operations Center (SOC). The SIEM receives logs from an organization’s IT systems and then correlates them to locate potential breaches. Additionally, Basefarm’s high security standards include the availability of a Security Incident Response Team (SIRT) that, amongst other things, handles IT forensics after a breach to determine its extent and how much data has been stolen by an attacker.

If you need to comply with not only GDPR but also with NIS, Basefarm offers a local private cloud which can also be used together with our SIEM and SOC service.

Machine learning in log solution

“One way we use our SIEM is by utilizing machine learning to detect breaches through anomaly detection,” explains Fredrik Svantes, Head of Security Operations at Basefarm. “By using the logs in a centralized location we can also find the information quickly and efficiently. We know where the anomaly happened, and can then quickly start looking into all logs at the time of the event.”

By shipping the logs over to another log host, the logs are protected from being altered by an adversary who may modify the logs locally on the machine they have compromised in order to hide their tracks. Storing logs safely in this manner is also becoming a requirement in an increasing number of security standards.

This service is also relevant for companies that want to be ISO 27001 certified for information security, and will support compliance with Säkerhetsskyddslagen (Security Protection Regulation), coming into effect in the autumn of 2019 in Sweden, with similar laws already in place or becoming the standard in other countries.

Critical services need maximum security

“Our security is based upon three tiers of response,” Svantes continues. “The first step is that our 24/7/365 Tier 1 SOC analyst either locates something odd on their own or receives an alert from our system, which they then analyze. If the case requires a Tier 2 SOC analyst (SIRT), it gets escalated to them for follow up. If they need additional assistance, they can escalate 24/7/365 to our Tier 3 (Security Engineers), who are the ones working continuously to improve and implement security solutions within Basefarm.”

Please contact us if you would like to know more about how our log solution and security expertise can keep your critical systems safe and secure.

© Copyright - Basefarm