This is an ongoing time-saver and we’ve seen a substantially high ROI since first purchasing the solution in 2009. We strive to work smarter and we’ve found that Alert Logic helps us do that.
Bob Stahr, Director of Information Systems
Want to learn about Alert Logic solutions?
Trust in Transactions
PCI Compliance for Top Brands
With Fortune 500 customers from Microsoft and Starbucks to Nike and GameStop, security and compliance cannot be a second thought. For many of their largest clients, Sunrise Identity develops and hosts e-commerce stores and employee/partner portals, leveraging credit card payment processing and mandating PCI compliance. In order to achieve PCI DSS compliance as well as ensure business operations align with security best practices, Sunrise Identity began their search for the right security solution.
To address their security and compliance mandates, they first identified key capabilities that would meet requirements: log management, vulnerability scanning, and intrusion detection. Initially, the team attempted to address this internally with a homegrown solution to store and maintain log files, but this was too time intensive and was not cost effective to tie-up limited resources in-house. Most importantly, the team was spread thin.
Sunrise Identity’s business is growing on an exponential scale so they must focus their IT personnel on their core business to support growth and strategic projects.
Maintaining a high level of security and compliance is part of our brand – we want our customers to have great confidence in doing business with Sunrise Identity.Bob Stahr, Director of Information Systems
Why Alert Logic?
The Sunrise team searched for options and first learned about Alert Logic from a PCI consultant. As one of four vendors suggested for consideration, Alert Logic’s Log Manager and Threat Manager proved to be the best solution as it is fully managed, delivered as-a-service, addresses key PCI DSS compliance mandates, and can work in hybrid IT environments. Other solutions required a large capital outlay, professional services, and/or multiple vendors to address the same.
With Alert Logic’s solution, Stahr’s team receives alerts and escalations from Alert Logic’s 24x7 Security Operations Center (SOC) when incidents are identified in real time. PCI vulnerability scans are run on a regular basis and any issues or risks that are identified are remediated with the help of the Alert Logic SOC. Sunrise is also able to run pre-built PCI compliance reports to prepare and support PCI audits and can perform log and event research when there is a perceived threat or issue. This proactive protection and notification from Alert Logic gives Sunrise Identity the right level of protection at a fraction of the cost of building and maintaining IT in-house.
A benefit of subscribing to a managed service was that the time to implement the solution was minimized. The Alert Logic team did much of the work in collaboration with the Sunrise team. Alert Logic Threat Manager and Log Manager protects the primary datacenter, remote offices, as well as Amazon Web Services (AWS) deployments. Once implemented, the solution’s positive results were seen almost immediately.
Their choices have translated into practical results within the Sunrise Identity environment. External vulnerabilities have been identified and remedied through vulnerability scanning. Specific attack vectors identified through Alert Logic’s Threat Manager have been subsequently closed off in the firewall. Searching log events with Alert Logic’s Log Manager helps eliminate false positives and determine if certain attacks have been successful. They even use Log Manager to troubleshoot certain Active Directory issues such as the source of user lockout problems. Another reason they use Alert Logic is for aggregating data into one view. “This is an ongoing time-saver and we’ve seen a substantially high ROI since first purchasing the solution in 2009,” said Stahr.