The Company:
A major healthcare system operating a network of hospitals and leading medical research facilities. The organization places a strong emphasis on technological innovation to enhance patient care and drive breakthroughs in medical research. They also prioritize safeguarding the security of their systems and sensitive healthcare data.
The Challenge:
- SIEM replacement urgency: The health system’s contract with their Managed Security Service Provider (MSP) was soon to expire, and their legacy QRadar SIEM environment was reaching end-of-life, making it unsupported. They needed a swift transition to a modern SIEM solution before the new MSP took over.
- Complex log sources: Managing multiple log source types, including Windows, Linux, firewalls, network appliances, and systems with forwarding limitations presented a challenge for rapid deployment.
- Massive data volume: Ingesting, storing, and analyzing over 1 billion logs required a scalable and efficient security solution.
The Solution
Onix responded with a rapid implementation of Google Chronicle, ensuring the health system’s readiness for the new MSP. Key elements included:
- Google Chronicle expertise: Onix’s proficiency with Google Chronicle enabled a fast and streamlined deployment, meeting tight timelines.
- High priority data ingestion: Onix configured Chronicle to ingest critical logs from Windows, Linux, firewalls, network appliances, and other key systems.
- Log routing customization: Onix developed an innovative solution to route logs from a custom Syslog redirection application that posed challenges for direct Chronicle integration.
Outcomes
- Successful data integration: Over a billion logs were seamlessly ingested into Chronicle, providing a comprehensive security monitoring foundation for the new MSP.
- Enhanced security posture: Chronicle’s advanced capabilities and scalability empowered the health system with enhanced threat detection and streamlined incident response.
- Rapid time-to-value: By deploying Chronicle in a compressed time frame, the health system gained immediate protection against security threats while addressing crucial security infrastructure requirements.
Conclusion
Onix’s security expertise and efficient project execution proved essential in helping this network of hospitals quickly adopt Google Chronicle as their new SIEM solution. This rapid upgrade bolstered their security posture and enabled a smooth transition to their new MSP, safeguarding their vital healthcare systems and data.