Atlas Pipeline Mid-Continent Passes First External SOX 404 Audit With High Marks

As a publicly traded company, Atlas Pipeline Partners (http://www.aplmc.com/) has complied with Sarbanes-Oxley security requirements for several years. Nevertheless, in July 2004 Atlas was formally notified by regulators that it had one year to bring into compliance its newly acquired division, Atlas Pipeline Mid-Continent LLC, a natural gas midstream company based in Tulsa, OK with 2300 miles of pipeline in Oklahoma and Texas. In August 2005, Atlas hired Tony Dionisio, an IT professional with 8 years experience, to get the job done.

Don't reinvent the wheel
Not being one to re-invent the wheel, Dionisio's first plan of attack was to replicate in Tulsa the corporate security practices. As it turned out, he quickly realized that his IT staff was too small to support the security practices manually.

Out of necessity, he sought other solutions. With input from colleagues and staff and a few well-crafted keywords entered into Google, he found numerous software solutions to consider. To narrow the field, he read product reviews, visited websites, and checked out discussion groups and blogs to learn what actual users thought of the various applications.

For those packages he found most promising, he queried the vendors directly about the products’ capabilities. While compliance with Sarbanes-Oxley was a major consideration, Dionisio also grilled the software vendors about the ease of integration into Mid-Continent's network, the ease and flexibility of back-up and recovery processes, and the support for Microsoft SQL. These requirements proved major obstacles for several well-known packages.

Biggest bang for the Buck
When it came to the LogCaster product, Dionisio liked what he read, and when he talked to a RippleTech rep, Mike Lyons, he liked what he heard. "LogCaster offered the biggest bang for the buck," Dionisio says. “Even the more expensive packages were not as robust.”

Dionisio downloaded a free trial copy, and Lyons walked him through an installation in less than 2 hours. By the next day, Dionisio was looking at security reports for Mid-Continent’s network. He was sold.

Less than three weeks later, when the company underwent an external audit by an accounting firm Dionisio saw the arrival of the auditors as an opportunity for a dress rehearsal for the LogCaster product and the processes he had in place.

With Flying Colors
The accounting firm found no significant deficiencies in Mid-Continent’s security policies, controls, enforcement and reporting. The few additional security measures the auditor recommended were easily implemented by refining the existing LogCaster parameters and reports. Mid-Continent passed its audit, and Dionisio was pleased though not surprised.

By turning to LogCaster for pre-defined Sarbanes-Oxley compliance reports, Dionisio believes Mid-Continent is leveraging the regulatory knowledge embedded in LogCaster as well as the collective intelligence and market demands of RippleTech’s broad customer base.

He also believes that RippleTech's Extreme Support lives up to its name. “When I have a question,” he said, “RippleTech is back to me quickly with a phone call or WebEx session to demonstrate the alternatives, and since phone support is included in the maintenance fee, I don’t pay extra for getting the answers we need. I like that."

Selecting LogCaster was a good decision, Dionisio says. It saved his division time and money and provided a quick, effective way to protect the Mid-Continent network and meet Sarbanes-Oxley requirements. One year and one upgrade later, Dionisio says he would make the same decision again. From RippleTech's perspective, that is how it should be.

RippleTech's LogCaster product is available with pre-defined report sets to comply with Sarbanes-Oxley, HIPAA, FISMA and other government regulations, as well as such industry standards as ISO 17799 and the payment card industry's Data Security Standards. Report sets for other regulatory acts are forthcoming. Our Extreme Service is available to support your installation and use of LogCaster, and our NetForcement consultants are available to help solve your network security issues. Contact us at (866) 739-8587 or via email to info@rippletech.com.

Pass Your Security & Compliance Audit like Atlas - Download Now!