The borough council of King's Lynn & West Norfolk has selected LogLogic solutions to meet the Government Secure Extranet (GCSx) and Connect Code of Connection (CoCo) compliance requirements.
Implementing LogLogic's log management solutions and specific GCSx reporting packages, the council will now be helped by LogLogic with the CESG Infosec Memorandum No. 22, which gives guidance on the development of a protective monitoring policy for information systems within government, its agencies and related commercial organisations.
The memo states that organisations need to monitor and record log data related to user activity and must store it for a minimum of six months. They also need to make this data easily available for use as part of any incident response policies, as well as help with any wider CESG investigation.
Guy Churchward, CEO of LogLogic, said: “GCSx and CoCo requirements present local authorities with a number of technical challenges. We are delighted that the borough council of King's Lynn & West Norfolk recognised the strength and technical capabilities of our solutions. We're now busy working with them on getting the installation complete so that they can hook into Government Connect as quickly and securely as possible.”
Chris George, information communication technology network consultant at the borough council of King's Lynn & West Norfolk, said: “To fully comply with the CoCo and GCSx controls we needed to identify a technology solution that was easy to install and use, but would also be heavyweight enough to pull the logs from all the devices and applications on the network into one location.
“Following a review of two technology providers' solutions, we made the decision to move forward with LogLogic. We could see that its solution could more than do the job required and it also incorporated a fully integrated log data warehouse and included multi-dimensional analytics as well.
“Moving forwards we also plan to use the LogLogic solution to help us comply with the CESG's mandatory Good Practice Guide 13 (GPG13) protective monitoring framework. This will help us to know even more about what's happening within our information communication technology infrastructure and further protect our data.”