The Hungarian members of Vienna Insurance Group
The clients are the Hungarian members of the Vienna Insurance Group: UNION Biztosító (UNION Insurance Co.), ERSTE Biztosító (ERSTE Insurance Co.), Vienna Life Biztosító (VL Insurance Co.), ERSTE Biztosítási Alkusz and Money & More Zrt. The IT infrastructure is partly integrated and collectively, the number of employees is around four hundred.
According to the relevant Hungarian regulations, the log messages of the individual legal personalities should be stored separately, so we had to install separate lightweight systems for each members of the group. Due to the limited human resources of the client, the administration of the log collection was outsourced to PR-AUDIT. The integration of critical back office business applications was a must, an internal audit requirement.
The project and results
The LOGNESS framework was pre-installed by PR-AUDIT and integrated as black-box security „appliances” in the group members’ (Hungarian members of Vienna Insurance Group) network in order to protect log messages from system administrators. Administration at every level of the system (OS, application, DR, etc) is provided by PR-AUDIT. For the smaller members of the group, a standalone appliance was enough to process around 10-15M log messages per day. For continuous support of the system, secure remote connection (S2S VPN) was established to the PR-AUDIT office.
After infrastructure logging was successfull, negotiations were started to fullfill the internal audit requirement of the integration of critical business applications. Business unit leaders, internal auditors and IT process organizers were involved in the process. First, the relevant applications, the actual audit level and the location of audit trail information were defined, than the expected structure of log messages and the log collection methodolgy was specified by PR-AUDIT experts. Log messages stored in log files were read and forwarded by LOGNESS Windsender. Business units defined the relevant and critical transactions, their unique identifier and according to these pieces of information, log reports, real-time alerts were generated in the system.