LogLogic, a provider of IT Data Management, SIEM and log management, said the Borough Council of King’s Lynn & West Norfolk has selected its log management and intelligence offering to help meet the Government’s GCSx and CoCo compliance requirements.
LogLogic Northern Europe sales director Mike Heredia said all local authorities in England and Wales must use the official internal networking environment that has been developed – called Government Connect (GC).
"The network for this is called GCSx and it enables secure data sharing up to restricted level across government. GC is critical as it allows local authorities and central government to exchange information securely over a private network rather than the Internet," Heredia said.
"All parties also need to sign up to the Code of Connection (CoCo) that defines minimum standards and processes, before being able to connect to GCSx."
The Borough Council of King’s Lynn & West Norfolk will now use LogLogic’s log management offerings and specific GCSx reporting packages to meet the CoCo standards and connect to GCSx.
LogLogic will help with CESG Infosec Memorandum No. 22, which gives guidance on the development of a protective monitoring policy for information systems within government, its agencies, and related commercial organisations.
As per the memo, organisations need to monitor and record log data related to user activity and must store it for a minimum of six months. They also need to make this data easily available for use as part of any incident response policies, as well as help with any wider CESG investigation.
The Borough Council of King’s Lynn & West Norfolk ICT Network Consultant Chris George said to fully comply with the CoCo and GCSx controls they needed to identify a technology solution that was easy to install and use, but would also be heavyweight enough to pull the logs from all the devices and applications on the network into one location.
"LogLogic offering could more than do the job required and it also incorporated a fully integrated log data warehouse and included multi-dimensional analytics as well," George said.
"The solution would also be straightforward to install and came complete with a GCSx reporting package which will make ongoing compliance validation easy.
"Moving forwards we also plan to use the LogLogic solution to help us comply with the CESG’s mandatory Good Practice Guide 13 (GPG13) protective monitoring framework – this will help us to know even more about what’s happening within our ICT infrastructure and further protect our data."