Bourne Leisure implements Logrhythm for PCI DSS compliance
Bourne Leisure is implementing an integrated log & event management solution from LogRhythm.
Primarily being used to meet requirements in Bourne Leisure’s PCI DSS compliance project, LogRhythm will also identify network problems, and ultimately become one of the primary support tools used by the Bourne Leisure IT team.
Bourne Leisure Limited has over 35 years of experience in the UK holiday market. Within the group are well known and established brands such as Haven, Warner and Butlins.
Bourne Leisure’s primary focus is on selling – whether it’s caravans, holiday breaks or the entertainment and hospitality available across its 51 locations around the UK. Bourne, along with every other company handling credit cards is subject to the Payment Card Industry Data Security Standards (PCI DSS) which aim to help protect card holders’ data and have specific requirements around log data centralisation, archiving, monitoring and reporting for security and audit purposes.
While Bourne Leisure has been making some use of its log data, it hasn’t had any means of centrally pulling the information together from its numerous operating systems and servers. As such,log data analysis was time consuming, difficult to consolidate and often didn’t reveal the bigger picture.
To address this, Bourne Leisure is implementing a log management, analysis and event management solution from LogRhythm which, as well as ticking the PCI DSS compliance box, will bring greater control over and visibility of the entire IT infrastructure. Jeremy Stancombe, IT manager at Bourne Leisure explains the choice.
“Before deciding on LogRhythm, we drew up a comprehensive matrix of requirements from both our technology and business teams and assessed a number of log management solutions against it. Not only did LogRhythm score highly against these criteria, but we were very impressed with the level of interaction we had with the company, constant updates and regular site visits.
As well as meeting the necessary requirements for our PCI DSS project, we found the LogRhythm consultants extremely empathic and hard working, putting themselves in our shoes and suggesting additional benefits that the solution could bring to the business. These included a series of ad-hoc queries allowing us to analyse website traffic in real time and allowing the IT team to assess the overall performance of the various Web sites the company runs. LogRhythm is also relatively straightforward to deploy and came in at a cost effective price.”
Phase one of the LogRhythm implementation will focus on Bourne Leisure’s cardholder data environment and once this has been achieved, the solution will be rolled out across the organisation.
