Verizon Business will offer enterprise customers a better way to protect their software and Web applications that underlie critical business processes. The new Application Log Monitoring and Management Service will augment Verizon Business’ Managed Security Services (MSS) portfolio, which helps deliver end-to-end protection of an organisation’s entire IT “stack” (the computing structure that includes the network, data, application and user layers).
The new service enables customers to efficiently log, track and analyse user and system activity of software and Web applications, operating systems, and Web and database servers while avoiding the cost and complexity of building, maintaining and monitoring an in-house log management infrastructure.
The new offering enables users to better mitigate risk, control IT costs, reduce complexity, and automate security compliance initiatives. As a result, customers can react more quickly to security threats, gain speedy access to critical information, and facilitate security compliance audits.
“Today’s approach to security is holistic,” says Kerry Bailey, vice-president of Verizon Business Security Solutions. “Gone are the days of relying solely on network-layer security to protect information assets. As the leading global provider of managed information security solutions and operator of one of the world’s most expansive IP networks, we are well-positioned to secure our customers’ infrastructure – from the network to the user level, and everywhere in between.”
According to industry analyst firm Forrester Research, Internet attacks are shifting from the network to software and Web applications.
The firm notes: “Cyber attacks have moved up from the network layer to the application layer. Applications, especially Web applications, have become prime targets for attackers because they create, present, modify, and store sensitive data, from credit card numbers to intellectual property.”
By outsourcing their log management infrastructure to Verizon Business, customers can better protect their global operations against security threats. The managed service includes automated collection, correlation, analysis of current and historical data, comprehensive reporting, secure archiving, and retrieval of application log data such as audit records and user activity logs.
Using advanced correlation and classification of logged security data, Verizon Business’ team of security experts can filter out real threats and, when necessary, react quickly to neutralise potential threats and attacks against customers.
A key feature of the service is that it allows organisations to maintain the proper IT controls and reporting requirements needed to help them address industry standards and security regulations such as the Federal Information Security Management Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), COBIT 4.0, Payment Card Industry Data Security Standard (PCI DSS) and ISO 17799. Best practice IT frameworks dictate that organisations collect, periodically review and securely archive their security log data for a defined period of time.
Additionally, the ability to archive log data provides customers with secure, scalable storage and fast access to log data on the customer premises, which helps to facilitate quicker security audits.