Deutscher Alpenverein

Secure Member Administration: DAV ensures GDPR compliance using the LogPoint SIEM solution.

DAV has implemented LogPoint to protect the personal data of more than one million members and comply with GDPR. The SIEM solution supports the IT department with comprehensive analytics and user-friendly dashboards, visualizing log data and threat information collected throughout entire IT infrastructure.

Background

More than one million alpinists and mountain fans are organised in 356 regional associations, under the Deutscher Alpenverein (German Alpine Club) established in 1869. It a remarkable club and the enthusiasm for it’s guiding principles remain unwavering also after 150 years of existence. Today more and more young people, boys and girls alike, joins the club.

In particular the DAV indoors climbing halls across Germany attracts new generations to the regional associations, that offer a wide variety of activities, content, special offers, insurances and more to support the passion for alpine sports. A cornerstone in the membership administration is the DAV ID, which each member receives upon registration. It allows for participation in membership activities and enables members to receive special offers and discounts.

The personal member data are also used for administrative purposes, including the collection of membership fees, as well as communication via e-mail or other channels. Data are either fed directly in through Citrix connected IT systems or stored on local servers. However, the DAV digitalization strategy aims for further centralization of services at headquarters in Munich and potentially also cloud based solutions.

We realized, that we needed a solution that would both meet our high security standards as well as the GDPR requirements. That is why we reached out to the team at microCat at a very early stage. When they introduced us to LogPoint during the Proof-of-Concept, we were particularly surprised by the flexibility of the solution and the wide range of possibilities in the LogPoint dashboard.
Klaus Vogler, IT Manager, Deutscher Alpenverein
DAV Klaus Vogler

The challenge

Protecting personal data against unauthorised access and ensuring GDPR compliance was a key requirement for DAV in the process of upgrading IT security. The process was supported by the Munich-based IT systems house microCat, a certified LogPoint partner and a long-term service provider to DAV with extensive knowledge of the IT security infrastructure in the organization.

“DAV handles more than one million membership data sets and has to manage numerous IT systems, which are accessed by more than 150 full-time employees and numerous voluntary staff every single day. Following a comprehensive security analysis, we concluded that the only way to deliver on DAV requirements was a SIEM solution”, says Markus Stinner, the CEO of microCat.

Preparations for upgrade in IT security were launched years before the GDPR regulations formally came into effect in 2018.

“We realized, that we needed a solution that would both meet our high security standards as well as the GDPR requirements. That is why we reached out to the team at microCat at a very early stage. When they introduced us to LogPoint during the Proof-of-Concept, we were particularly surprised by the flexibility of the solution and the wide range of possibilities in the LogPoint dashboard”, says IT manager Klaus Vogler at DAV headquarters in Munich.

Shortly after the Proof-of-Concept, the LogPoint SIEM was operating, collecting and analysing data from 25 different log sources.

The solution:

Download the full case to learn how DAV ensures GDPR compliance with the LogPoint SIEM solution: