In Beta 80 Group we use the clients’ language to develop ICT solutions. Business and technology come together and generate economic, social and cultural results. Let’s talk about it.

Theeventswhere we can meet and talk to each other directly.
Officialpress releasesissued to the media
Articlesthat talk about us and thenewswe want to tell you about
Advertising campaigns,the form of communication that’s easiest to read

T-SYSTEMS - Develpment of a dashboard for security and compliance control

"As part of the Deutsche Telekom group, T-Systems manages the ICT of multinational groups and public institutions, thanks to a data center and network infrastructure that extends worldwide. With an overall turnover for 2009 of 8.8 billion Euros and 45,300 professionals throughout the world, T-Systems has made a name for itself in combining market skills with innovation in the ICT context."

www.t-systems.it

Company: T-SYSTEMS
Sector: Services
Project: Conformity to legal regulations and internal standards
Solution: Development of a control dashboard for security and compliance

SCENARIO

Operating in an international context and on significant bids for tenders involves complying with a lot of different regulations and conforming to quality standards, both Italian and international:

Sarbanes-Oxley (Sox) SAS70 for companies quoted on the USA Stock Exchanges
ISO/IEC 27001
Italian Legislative Decree 196/03
Italian Legislative Decree 231/01

T-Systems consolidates logs coming from various systems into a single monitoring system, with the aim of promoting compliance with standards and legislative norms, as well as offering a new service to its clients, achieving greater efficiency and reducing costs. In order to protect and preserve its information assets, T-Systems decided to equip itself with a log management system to collect and correlate "events" from various systems and applications, through a single monitoring and alarm system.

SOLUTION

CA Security Command Center is the CA Technologies solution for managing security. The system reduces, groups together, correlates and orders on a priority basis the various security data, so as to contribute to managing the relative information overload. The solution took charge of the following risk scenarios:

Buffer overflow caused by an attack and consequent lack of availability of the relative critical service
Repeated failed logins to individual host by means of firewall (host very critical)
Repeated failed logins to individual host by means of firewall (host less critical, more "tolerant" intervention thresholds )
Repeated failed logins to a host transiting from a router
Repeated failed access to critical files carried out by the same host, by someone or by a process with insufficient privileges
Repeated errors of access to critical files carried out by the same host
Change in system configuration
Activation of new administration users
Use of probe to identify critical systems or known weaknesses
Critical assets under attack with high possibility of business being interrupted
Multiple disconnections from firewall by the same IP source
Non-secure password used to login with relative account
Virus or script detected in a web server system
Virus or script detected by servers' real time scanner
Detection of uses by local administrative default users.

BENEFITS

The implementation of the log management platform in T-Systems enables the following benefits to be obtained:

having available a single collection point for information from different platforms and equipment
limiting and controlling the impacts of the log management system on applications, systems and infrastructures
having available correlation rules and policies for events
activating alarms on the basis of correlation logics
having available a centralized security reporting system
compliance with ISO/IEC 27001 standard
having available a functional, easy-to-use system that guarantees accuracy and continual updating of the data collected.

Success Story T-SYSTEMS [336.07KB]