A World Class Pediatric Medical Center

418
-1

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
418
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

A World Class Pediatric Medical Center

  1. 1. IBM SoftwareSecurityHealthcareA World-Class PediatricMedical CenterCentralizing security and compliance managementwith IBM Security QRadar SIEMOverviewThe needAs the number of patients served isexpected to increase, this world-classpediatric medical center needed asolution that would help centralize itssecurity and compliance programs,and that could scale security operationsfor comprehensive visibility into thenetwork architecture.The solutionAn advanced security informationand event management solution thatcentralizes and correlates logs andevents to provide staff with integratedsecurity intelligence.The benefitProvided deep insight into networkenvironment; detected malware thatpreviously hadn’t been identified;saved administrators time.With incredible growth across hospital information systems, thismedical center’s security administration team realized it had a challengewith managing data for compliance, as well as maintaining a secureenvironment. With limited staff and resources, the team needed tofind a way of better managing the dramatically growing logs of data.The organization recognized that centralizing its log collection withouta unifying solution was becoming burdensome in the quest to identifypotential offenses on its network. With so many log sources producingdisparate silos of information, the security team struggled with correlatingmeaningful alert information and effectively identifying potential offensesin real time.“Prior to implementing QRadar® software [now IBM® SecurityQRadar software], we were filtering logs from multiple sourcesthrough Syslog, which wasn’t ideal,” says a security administrator forthis world-class medical center. “We understood the capabilities anext-generation SIEM [security information and event management]product would provide, but we needed to educate ourselves and themanagement team on the solutions that would make sense for us.”
  2. 2. 2SecurityHealthcareIBM Software“The biggest benefitto deploying QRadarsoftware was that afterthe initial mplementation,we were up and runningimmediately.”—Security Administrator, A World-ClassPediatric Medical CenterExtracting intelligence and helping the SecurityAdministration team scaleWith the data environment growing daily, it was clear that scale wouldplay an enormous factor in the decision to deploy QRadar software,especially where the number of logs was escalating to millions every day.What the team at the medical center found was that QRadar softwareoffered robust integration with so many of today’s network and securitycomponents so that it could correlate data from all the log-producingsources already deployed.“Part of the decision to deploy the solution was that our team believedwe would extract more intelligence from more components with QRadarsoftware, as compared with other market solutions,” says the securityadministrator. “Our goal was to centralize the location for where wecould correlate logs and events so we could run reports out of onesolution to provide us with the integrated intelligence we have beenlooking for.”Flow data delivers real-time intelligenceBy leveraging flow data from QRadar software, this medical center cangain deep insight into its network environment that it was unable to withany solution it previously used, or was considering.“As we deployed QRadar, I wasn’t even aware of the behavioral analysiscapabilities in the product,” says the security administrator. “QRadar’sbehavioral anomaly detection functionality enables us to correlatemisconfigured systems and detect malware that we weren’t previouslyidentifying. For example, this provided us with the ability to detectwhether a specific machine is infected by something like a botnet.”
  3. 3. 3SecurityHealthcareIBM SoftwareSolution componentsSoftware●●IBM® Security QRadar® SIEM“Part of the decision todeploy the solution wasthat our team believedwe would extract moreintelligence from morecomponents with QRadarsoftware, as comparedwith other marketsolutions.”—Security Administrator, A World-ClassPediatric Medical CenterAs the team continues to scale up security operations with IBM SecurityQRadar SIEM, it is able to effectively streamline overall securityprocesses so staff can use the solution to pull the actionable informationnecessary from logs and events. Centralizing its program throughIBM Security QRadar SIEM helps save the time it took pulling logs frommultiple sources, as well as event information that a small team could notafford to spend the manual time analyzing.“With a SIEM deployment, being able to collect logs upon deploymentwas unheard of with any other solution,” says the security administrator.“I didn’t have to spend a lot of time or money on professional services tostart getting results, and I didn’t have to coordinate extensive training formy staff because QRadar is intuitive and is easy to use.”For more informationTo learn more about IBM security solutions, please contact yourIBM representative or IBM Business Partner, or visit the followingwebsite: ibm.com/securityTo increase the business value of your IBM security solutions,participate in an online community. Join the IBM securitycommunity at: http://instituteforadvancedsecurity.comAdditionally, IBM Global Financing can help you acquire the softwarecapabilities that your business needs in the most cost-effective andstrategic way possible. We’ll partner with credit-qualified clients tocustomize a financing solution to suit your business and developmentgoals, enable effective cash management, and improve your total cost ofownership. Fund your critical IT investment and propel your businessforward with IBM Global Financing. For more information, visit:ibm.com/financing
  4. 4. © Copyright IBM Corporation 2013IBM CorporationSoftware GroupRoute 100Somers, NY 10589Produced in the United States of AmericaFebruary 2013IBM, the IBM logo, ibm.com, and QRadar are trademarks of International BusinessMachines Corp., registered in many jurisdictions worldwide. Other product andservice names might be trademarks of IBM or other companies. A current list ofIBM trademarks is available on the web at “Copyright and trademark information”at ibm.com/legal/copytrade.shtmlThis document is current as of the initial date of publication and may be changed byIBM at any time.The performance data and client examples cited are presented for illustrativepurposes only. Actual performance results may vary depending on specific configurationsand operating conditions. It is the user’s responsibility to evaluate and verify theoperation of any other products or programs with IBM products and programs.THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS”WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDINGWITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FORA PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OFNON-INFRINGEMENT. IBM products are warranted according to the terms andconditions of the agreements under which they are provided.The client is responsible for ensuring compliance with laws and regulations applicableto it. IBM does not provide legal advice or represent or warrant that its services orproducts will ensure that the client is in compliance with any law or regulation.Statement of Good Security Practices: IT system security involves protecting systemsand information through prevention, detection and response to improper access fromwithin and outside your enterprise. Improper access can result in information beingaltered, destroyed or misappropriated or can result in damage to or misuse of yoursystems, including to attack others. No IT system or product should be consideredcompletely secure and no single product or security measure can be completely effectivein preventing improper access. IBM systems and products are designed to be part of acomprehensive security approach, which will necessarily involve additional operationalprocedures, and may require other systems, products or services to be most effective.IBM does not warrant that systems and products are immune from the malicious orillegal conduct of any party.WGC12347-USEN-01 Please Recycle

×