CSC EMEA
advertisement
CSC EMEA Gleaning log data for security, operational, and compliance success AT-A-GLANCE Key Requirements –– Highly scalable and automated data collection –– Easy-to-use tools for compliance reporting and forensic analysis –– More compelling security offering for customers Solution –– Security incident and event management (SIEM) solution enables automated collection, analysis, and log storage –– Assures compliance for several large corporate customers and for CSC globally Results –– CSC was one of the first technology service providers to be ISO/IEC 27001 certified, a key market differentiator –– Now includes SIEM solution in almost every tender, helping it drive revenue CUSTOMER PROFILE “The deployment of RSA® enVision® assisted us in becoming one of the first technology service providers to be ISO/IEC 27001 certified. This key differentiator allowed us to accelerate our position in the market, since we were able to present both existing and potential customers with a much more compelling security offering.” PETE COLLEY, SECURITY OPERATIONS MANAGER EMEA, CSC Computer Sciences Corporation (CSC) is a leading global consulting, systems integration, and outsourcing company. It provides customers in industry and government with solutions crafted to meet their strategic goals, enabling them to profit from the advanced use of technology. It has 92,000 employees in 80 countries worldwide and has revenue of $17.1bn. KEY REQUIREMENTS A few years ago, CSC began work with a large health organization. As part of the deal, CSC was required to set up and maintain a brand-new IT network. Ensuring optimal security and operations, as well as compliance with mounting healthcare legislation, meant CSC would have to collect and analyze all network logs. However, the sheer number of logs being generated made manual collection and analysis unviable. To meet this challenge, CSC identified the need to deploy a SIEM solution that would automate this process, allowing it to collect and analyze log data in real time. Additionally, not only would SIEM help CSC meet the needs of the large health organization; it would also enable it to build a more compelling offering for other existing and potential customers. For example, CSC found that increasing numbers of organizations were being driven to improve their security policies to minimize security breaches, rectify failed audits, or comply with new or pending legislation. Deploying a real-time log-management solution would enable CSC to help organizations better meet these challenges. SOLUTION Over a period of three months, CSC interviewed various security vendors and evaluated the strengths of their SIEM offerings before deciding on RSA enVision. This solution from RSA— The Security Division of EMC, optimizes IT and network operations through automated collection, analysis, alerting, auditing, reporting, and secure storage of all logs. “Real-time collection and analysis of log data is central to improving IT security, optimizing operations, and ensuring compliance. For us, RSA enVision is the most comprehensive SIEM solution on the market.” PETE COLLEY, SECURITY OPERATIONS MANAGER EMEA, CSC It provides the most efficient collection, analysis, and management of all the data from any IP device, in computing environments of any size, without filtering and without the need to deploy agents. This versatility makes it particularly suited to the differing needs of CSC’s customers. As well as the large health organization, CSC is using RSA enVision to enhance security and to help mitigate operational risk for several large corporate customers including a well-known utility company, a global merchant bank, a national rail infrastructure organization, and a leading aircraft manufacturer. Using real-time log management and analysis CSC was able to help one of its customers investigate and resolve a security and operational threat posed by an employee. It was also able to minimize the negative effects of the Conficker MS067 virus that swept over the Internet crippling many businesses. Finally, one of CSC’s customers was perplexed as to why one of its UNIX boxes was running slowly. Using RSA enVision, CSC was able to identify and rectify the situation straight away. CSC now uses RSA enVision globally within its own network of 90,000 users to help gain compliance with the Statement on Auditing Standards (SAS) no. 70 and the SarbanesOxley Act. RESULTS The SIEM solution gives CSC a single, integrated, three-in-one log-management solution for simplifying compliance, enhancing security, and mitigating risk—both in its own business and on behalf of its customers. It gives CSC real-time visibility of potential issues, enabling it to solve them before they actually become a problem. In turn, this helps it keep administration costs low and improves system availability. CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.RSA.com www.rsa.com Additionally, the system assisted CSC in becoming one of the first technology service providers to be ISO/IEC 27001 certified, giving it an early differentiator in the market. It enabled CSC to make its service offering even more compelling to existing and potential customers, ultimately driving revenue and increasing competitiveness. Now, CSC includes the platform in almost every tender, and thanks to this early leadership is seeing a growing number of external clients asking it to manage their SIEM boxes on their behalf. ©2003-2009 EMC, the EMC logo, RSA, the RSA logo, and enVision are trademarks or registered trademarks of EMC Corporation in the United States and/or other countries. All other trademarks mentioned herein are the property of their respective owners. CSCEMEA CP 0309
