Customer Success Story: Adriatic Slovenica – ArcSight delivers full system visibility to support GDPR compliance and improved productivity
Responding to a diverse threat environment and increasingly stringent regulatory requirements, including GDPR, Adriatic Slovenica sought to structure its security processes.
Products and Services:
ArcSight Enterprise Security Manager
ArcSight Data Platform
- Full visibility through structured security and operations processes
- Improved productivity through centralised audit trail
- Minimised time to identify and rectify security incidents
- Self-serve reporting for business users through user-friendly interface
“ArcSight has given us the visibility and the processes to identify and solve any security incidents much faster than we could before. A full risk assessment helps us understand the implications of any actions.” – Sandi Bižal, Security Officer, Adriatic Slovenica
As a financial services institution, Adriatic Slovenica holds sensitive customer data, including medical records, and has to comply with very stringent data privacy regulations. With GDPR on the horizon, Adriatic realised it needed a far more structured approach to its security and operations processes, as Sandi Bižal, Security Officer for Adriatic Slovenica, explains: “In compliance with GDPR, we need to provide full audit trails for all our applications. In general, we lacked visibility into our systems. We were worried we could not easily track data access, and we would not be able to identify a security breach fast enough. The process of managing our security operations was manual and time-intensive.”
Bižal had worked with regional Micro Focus Gold Partner SRC before and engaged them on this project. SRC is an IT company specialising in digital transformation. Simon Simčič, Systems Engineer with SRC: “In a diverse threat landscape and with increasing regulatory compliance requirements, we recognised that this was not just about improving security, but about introducing structure and processes to gain full visibility of the environment.”
Just two IT security staff support an organisation of 1,500 users, so a user-friendly interface was an important consideration. Bižal wanted to ensure the complete, diverse Adriatic Slovenica application landscape was covered by a security solution, and connector integration was key. Finally, price was an important factor. After evaluating several solutions, Bižal, together with the responsible colleagues for IT security and infrastructure, decided the ArcSight suite of solutions would best fit their requirements. He comments: “ArcSight delivered what we needed, and I was pleasantly surprised at the price.”
Once SRC and Adriatic Slovenica defined the security and operations model, the ArcSight implementation only took three months. ArcSight Enterprise Security Manager (ESM) was introduced first to monitor security events across the environment. ESM’s multi-tenant support proved very useful with Adriatic Slovenica’s sister companies in Croatia and Slovenia. All companies share systems and data and, using ArcSight ESM, they have been able to logically separate the data so that access is only allowed for authorised individuals. This was especially important as some customer data includes sensitive medical information.
ArcSight Connectors ensured security policies are applied to all applications, covering a broad portfolio. Bižal comments: “We found the ArcSight Connectors very easy to configure. We use many disparate data sources, all producing events that need to be logged. With ArcSight Connectors we collect information from the entire environment, for a comprehensive picture at any time.”
ArcSight Management Center provides the central control Adriatic Slovenica looked for. ArcSight Logger, as part of ArcSight Data Platform, holds a centralised audit trail for all business applications. Previously, the organisation would have to manually run audit trails on all relevant applications. Now, this is done much faster through one log search.
ArcSight Activate Framework, a content development process, is used to define processes that go beyond security, as Bižal explains: “We look to optimise our entire environment to minimize security incidents. ArcSight gives us an operations as well as security perspective for this. It has helped us become much more process-driven and structured.”
“We found the ArcSight Connectors very easy to configure. We use many disparate data sources, all producing events that need to be logged. With ArcSight Connectors we collect information from the entire environment, giving us a full picture at any point.” – Sandi Bižal, Security Officer, Adriatic Slovenica
Thanks to the user-friendly interface, Adriatic Slovenica business and legal users are able to leverage ArcSight directly for their own reporting purposes and Bižal has full visibility of everything. He says: “Cyber security threats are a fact of life and a security product alone won’t solve this problem. However, ArcSight has given us the visibility and the processes to identify and solve any security incidents much faster than we could before. A full risk assessment helps us understand the implications of any actions.”
“With GDPR we are required to track data access even more,” he adds, “ArcSight correlates issues from lots of disparate data sources, helping us see trends and links in seemingly unrelated minor security incidents so that we can address them straight away before they negatively affect our users or clients.”
Bižal concludes: “This was one of the best projects I’ve worked on in my career. We received excellent support from SRC and ArcSight has given us a competitive advantage we are proud of. We feel confident that our security operations is ready to deal with any challenges that come our way.”
For more information on this case study and ArcSight platform, contact our Micro Focus Product Manager Daniel Bednjicki at firstname.lastname@example.org