How Logpoint is helping the Family Building Society retain log data, provide efficient forensic analysis and support Cyber Security Plus Accreditation
With Logpoint, the Family Building Society is able to identify and categorize both known and unknown threats quickly. By normalizing log data upon ingestion, rather than upon search, Logpoint gives the Building Society IT team the ability to perform analytics across a broad range of sources. And it all comes at a predictable cost.
Background
Epsom, Surrey-based Family Building Society provides mortgage products and services designed to enable family members to provide mutual assistance for capital projects while safeguarding their savings. It is very popular with parents who want to help their children get on the housing ladder. The Family Building Society brand was launched by the National Counties Building Society in July 2014.
Within its IT security team, the Family Building Society has traditionally relied on manual systems for log management and analysis. While the manual process was working for known threats, it did not allow Family Building Society to identify and deal with unknown threats to the network effectively. To minimize the time and resource needed for log management and improve responsiveness when action was required, the decision was taken to implement a new solution.
We now think of Logpoint as a member of the IT Security team. It provides immediate answers to a lot of questions that we would have struggled to answer under a more manual system. We can take logs from everywhere that they need to be gathered and collate and analyse as much as we need, and the process of ingesting data is very open.
Andrew Ballard,
Head of Technical Design & Delivery, The Family Building Society
The challenge
Family Building Society began by undertaking a holistic review of its IT landscape to understand clearly where the gaps and pain points were in its cybersecurity posture. As part of this review, log retention and log analysis were both identified as priority areas for attention, and as topics that were constantly being raised in regular reviews. The Family Building Society also wanted to enable the retention of log data and effective forensic analysis of security and operational events.
At the same time, Family Building Society was going through the process of obtaining the Cyber Security Plus accreditation. To align with the requirements of the programme and address the input received from security assessors, having a Security Incident and Event Management (SIEM) system in place was considered a necessity.
Once Family Building Society had decided to implement a SIEM solution, they then needed to decide whether to deploy it in-house or as a managed service. With a long and successful history of providing internal IT services, the Family Building Society decided to bring the SIEM solution in-house. They also had to ensure that they had the necessary resources available to manage the system, the support and documentation to help them through the process, and the freedom to move to a managed service in the future if required.
The solution
Download the full case to learn how The Family Building Society achieves efficient forensic analysis with Logpoint: