FoxHollow Technologies - External Security Audit Holds "No Surprises" for Medical Instruments Company

Security demands have always been rigorous in the heavily regulated life sciences industry. Consequently, FoxHollow Technology, Inc, a developer of medical devices headquartered in Redwood City, CA, has had security polices, best practices, and a number of individual application monitoring tools in place for some time.

Sarbanes-Oxley regulations, however, added a new dimension to security: extensive reporting. While procedures for monitoring security were in place at FoxHollow, the historical documentation and accumulative reporting that SOX requires was not.

Matthew W. Keller, Network Supervisor for FoxHollow realized last summer that writing new reports that compiled all of the data from all of the systems, applications, devices, etc., and present it in all the different renditions an external auditor might want to see would be a huge task to squeeze into an already full schedule and accomplish by end-of-year. With so many companies undergoing SOX audits, he knew there had to be an easier way.

LogCaster, the easier way
FoxHollow’s Senior IT Director learned of the LogCaster solution and brought it to Keller's attention. Keller reviewed the product and was pleased to find LogCaster had a robust set of pre-defined SOX reports.

“Implementation took less than a day and the reports and functions were useful immediately, right-out-of-the-box," said Keller, “But one thing was missing: a password policy report that the auditor had previously recommended.

Keller, who had talked with RippleTech's customer support team during installation, decided to put RippleTech’s “Extreme Support” program to the test. He contacted his service rep and explained the report he needed. RippleTech's chief software engineer, Venkat Subramanian, took responsibility for the request, created the report, and delivered it to Keller within the week. Keller termed the support effort “fantastic.”

Success and beyond!
FoxHollow Technologies passed its external audit in December and continues to rely on LogCaster reports to keep the Network Operations and the System Application teams apprised of security events.

LogCaster reports have proven valuable in other ways, too, such as alerting the staff to the need for additional disk space on one system and to a sharp increase in CPU utilization by a certain application on another system. In addition, LogCaster’s centralized repository of security event files now provides an “all-in-one” solution for continuous system monitoring, which eliminated the system-by-system monitoring process previously in place.

Reflecting on his experience with LogCaster, Keller said, “The reports I got from LogCaster gave me a high level of confidence that when I sat down with the auditors there would be no surprises."

And that’s what every IT professional wants: no surprises.

RippleTech's LogCaster product is available with pre-defined report sets to comply with Sarbanes-Oxley, HIPAA, FISMA and other government regulations, as well as such industry standards as ISO 17799 and the payment card industry's Data Security Standards. Report sets for other regulatory acts are forthcoming. Our Extreme Service is available to support your installation and use of LogCaster, and our NetForcement consultants are available to help solve your network security issues. Contact us at (866) 739-8587 or via email to info@rippletech.com.

Pass Your External Security Audit like FoxHollow - Download Now!