Photo : D.R.
All information systems, programmes and databases generate traces, from log in to log out – both of the individual user and of interactions between systems. Absolutely vital for businesses, these computer traces are no longer used simply for reports on the health and state of computer structures. Today, all operations require the use and extensive analysis of log data, from performance management to capacity requirements planning, internal HR research, audits, security incidents and more. The prospect of such data theft is catastrophic for businesses, and faced with such external (or internal!) menaces, all the firewalls in the world aren’t enough – vulnerable to break-ins at any given moment.
Loglogic was founded based on this principle. Specialised in the management of log data, the San José (California)-based company strives to maximise the potential of log data from all components and sources in order to protect information, minimise risks and reach operational excellence with the help of LMI (Log Management and Intelligence). “On average, more than 35% of a company’s data are computer traces,” according to Fabrice Prugnaud, Vice-President of Loglogic for Europe, the Middle East and Africa. “We are working with the CNIL (editor’s note: French Commission for Information Technology and Civil Liberties) and law firms (notably Baker McKenzie) to protect this type of data while respecting the legal framework.” There are three levels in the protection of computer traces: computing, market conformity and the law.
The computing level includes various grades of security, alerts and reports that aim to increase productivity. Certain norms and standards exist to guarantee their quality, including ISO, ITIL and COBIT. As log data management also serves to transform data into intelligent information, each code has a meaning (successful connection, connection refused, server attack, etc.). The second level, market conformity (also known as “verticals”) also includes a certain number of norms, with reports that are presented in the form of Excel or other diagrams that highlight the data. These norms include PCI (credit card conformity), SOX (an American accounting norm), HIPAA (pharmacy), NERC (energy companies) and more.
Finally, the third level, concerning legality, is associated with two different laws in France: Informatique et libertés (information technology and civil liberties) and Confiance en l’économie numérique (LCEN, or confidence in the digital economy). “This level must be taken extremely seriously. Failing to properly stock log data is severely punishable by law, with a risk of up to 150,000 euros in fines and three years of prison,” according to Fabrice Prugnaud. As the demands of the law differ from those of the CNIF, it is difficult to counterbalance the two. Loglogic has the expertise necessary to manage these legal contradictions, and to measure both risk and risk value. Investment return is guaranteed in six months or less for businesses of all sizes. Reports and alerts for personalised applications and unique components are completed in the space of just a few minutes, rather than days or weeks.
This speed allows for the minimisation of risk, as real-time alerts help reduce research performance time from 50 hours to 2 hours per incident. Business productivity is thus increased, as the demands of reports associated with audits and research are reduced. Finally, infrastructure costs decrease substantially thanks to the elimination of syslog servers and the double stocking of log data with the standardisation of reports and alerts.
Key figures
- Founded in 2002
- Present on 4 continents and in 12 countries
- 170 employees
- 1,000 international clients
- 250 distributors and retail partners
Source: Loglogic – August 2009
English 
