INTELLIGENT BRANDS // Software for Business

Software applications provider Sandfield has deployed LogRhythm ’ s SIEM platform solution to ensure client applications and data are fully protected from external threats .

The company ’ s services and product portfolio includes software and website development , application delivery , database administration , mobile app development and integration services . Sandfield supports clients throughout New Zealand and around the world .

As it has grown during the past few years , Sandfield has increasingly been taking on larger and more complex client projects . This has required an expansion of the company ’ s cloud operations and an increase in processing and storage capacities .

Justin Knight , Head of IT Operations at Sandfield , said this growth had also led to the need for increased IT security measures to ensure client applications and data were fully protected from external threats . At the same time , the organization benchmarked its protocols against an international standard to ensure their capabilities would be protected .

“ About 18 months ago , we achieved our ISO ISO27001 certification ,” he said . “ As a part of that , and to ensure we had all the required controls in place , we realized we needed better insight into and management of our security measures .”

Initially , the company ’ s IT team assessed whether this could be achieved using internal staffing and resources . However , it quickly became apparent that this would not be the most effective approach .

After examining a range of alternatives in the IT security space , a decision was taken to engage the services of New Zealand managed services provider Advantage .

Advantage assessed Sandfield ’ s specific requirements and recommended that the LogRhythm-based Security Information and Event Management ( SIEM ) platform be deployed . The project began in early 2021 with a proof-of-concept ( PoC ) before rolling it out to cover all critical systems .

“ The first step for us was to enable LogRhythm to capture all our Windows and firewall logs ,” said Knight . “ Since then , we have added logs from our AWS and Azure cloud environments as well as Google Workspaces .”

Knight said the fact that Advantage already had a comprehensive knowledge of LogRhythm was invaluable as it allowed the new security framework to be up and running very quickly . “ By using their team of experts , it meant our internal IT team did not have to fully understand the complexities of the

platform before we could put it into action ,” he said .

Advantage also worked to include a stream of New Zealand-specific security data into the system , including Malware Free Networks from the New Zealand Government Security Bureau , to further improve protection . This data helps to identify localized threats that may have already been flagged by other organizations .

With the LogRhythm SIEM platform now fully functional and receiving logs from a range of core systems , Knight said the biggest benefit has been ‘ peace of mind ’.

“ We know that we now have better visibility of all our security logs and events ,” he said . “ We can be confident that any misconfigurations , breaches , or unauthorized access of our systems will be quickly picked up .”

Knight said the level and extent of protection enjoyed by the company would simply not have been possible to achieve without LogRhythm . As an example , in a recent month there were more than 191 million logs ingested by LogRhythm , of which 3.5 million were forwarded to a second stage for closer analysis by Artificial Intelligence tools . p

www . intelligentcio . com INTELLIGENTCIO APAC 71