OnPoint Financial Corporation (Formerly First 1 Financial Corporation)
How EventLog Analyzer helps OnPoint Financial Corporation to comply with PCI-DSS regulation effectively?
Introduction
Indepth log analysis is essential in the financial services industry to meet compliance requirements and maintain enterprise-wide security. Financial services companies are entrusted with customers' financial data and so a continuous monitoring of the activity logs helps readily detect suspicious activities that could lead to breach of data.
The Customer
OnPoint Financial Corporation (Formerly First 1 Financial Corporation) is a leader in subprime automobile financing. Based in Norwell, MA, the company is led and staffed by professionals with many years of experience in the business.
Log Management Challenges
Mr. Yioulos, CIO of First 1 Financial Corporation was looking for a log management tool primarily to meet his Payment Card Industry - Data Security Standard (PCI-DSS) requirements. He also wanted to keep a watch on his systems to ward off potential internal and external threats.
The Narrowing Down
Mr. Yioulos evaluated a number of Open source and commercial products before narrowing down the choice to ManageEngine's Event Log Analyzer.
He was very pleased with the fact that he could download, install and try the fully functional product, all by himself, without any additional help. "Its easy to set up, no hunting around, very cleverly organized, pretty complete, and gives a quick sense of what is happening. An excellent tool to help meet our compliance needs!", says Dimitri Yioulos, CIO, First 1 Financial Corporation. The installation was very easy and the product was up and fully configured in less than 30 minutes. The canned PCI reports were just the thing he needed. The ability to customize and extend the canned report, was a big plus.
He also added that the user interface was very intuitive and provided easy-to-find views of analyzed logs on each of his monitored devices. To conclude, Mr. Yioulos said, "I would give an A+ to the capability of the product on the log collection, archiving and reporting front. I would recommend it to any administrator, in search of a log analysis product."
"Without a doubt, the compliance reports feature has been of great value to us here at First 1. We, of course, are subject to a number of laws and regulations, including PCI. The canned compliance reports in the EventLog Analyzer product remove the guesswork of having to decide what events to monitor to stay compliant. It couldn't be easier. And, for those laws or regulations for which there are no pre-built reports, creating your own is just as easy. Finally, the reports that are generated satisfy any compliance audit. We simply didn't see this level of ease of use and features, combined with polish, in other products."
Dimitri Yioulos
Chief Information Officer
First 1 Financial Corporation