Critical IT services need dedicated SOC for GDPR compliance
Log your IT activities in a SOC to comply with GDPR and in a local private cloud to comply with NIS.
The General Data Protection Regulation (GDPR) mandates that a company report any security incidents, such as vulnerabilities and personal data breaches, within 72 hours, and you must also be able to detect said breaches. This will be even tighter for critical services like health, energy and communications. Sweden’s new National Information Security (NIS) regulation will require security incidents to be reported within 24 hours in these sectors.
Basefarm offers a managed Security Information and Event Management (SIEM) solution which is monitored by our Security Operations Center (SOC). The SIEM receives logs from an organization’s IT systems, and then correlates the logs to locate potential breaches. Additionally, Basefarm’s high security standards include the availability of a Security Incident Response Team (SIRT) that, amongst other things, deals with IT forensics after a breach to determine the extent of the breach and how much data has been stolen by an attacker.
If you need to comply with not only GDPR but also with NIS, Basefarm offers a local private cloud which can also be used together with our SIEM and SOC service.
Machine learning in log solution
“One way we use our SIEM is by utilizing machine learning to detect breaches through anomaly detection,” explains Fredrik Svantes, Head of Security Operations at Basefarm. “By using the logs in a centralized location we can also find the information quickly and efficiently. We know where the anomaly happened, and can then quickly start looking into all logs at the time of the event.”
By shipping the logs over to another log host, the logs are secured from being altered by an adversary who may modify the logs locally on the machine they have compromised in order to hide their tracks. Storing logs safely in this manner is also becoming a requirement in an increasing number of security standards.
This service is also relevant for companies who want to be ISO 27001 certified for information security, and will support compliance with Säkerhetsskyddslagen (Security Protection Regulation) coming into effect in the autumn of 2019 in Sweden, with similar laws already in place or becoming the standard in other countries.
Critical services need maximum security
“Our security is based upon three tiers of response,” Svantes continues. “The first step is that our 24/7/365 Tier 1 SOC analyst either locates something odd on their own or receives an alert from our system, which they then analyze. If the case requires a Tier 2 SOC analyst (SIRT), it gets escalated to them for follow up. If they need additional assistance, they escalate 24/7/365 to our Tier 3 (Security Engineers), who are the ones working continuously to improve and implement security solutions within Basefarm.”
Please contact us if you would like to know more about how our log solution and security expertise can keep your critical systems safe and secure.