IBM QRadar SIEM Customization and Implementation for a Hospital with 2000+ Staff

Customer

The end Customer is a Saudi Arabian health organization employing over 2,000 medical experts and offering a full range of primary, secondary and tertiary healthcare services in the areas of Orthotics and Prosthetics, Oncology, Ophthalmology, Cardiovascular and Dermatology, as well as chronic care management.

Challenge

To ensure information security of financial transactions, care services and research processes, the end Customer commissioned a large local system integrator to deploy a HIPAA-compliant IBM Security QRadar SIEM solution in their internal infrastructure.

The system integrator decided to tap into ScienceSoft’s expertise in design, customization and implementation of SIEM solutions and in-depth knowledge of the QRadar platform.

Solution

The SIEM deployment for the hospital included advanced configuration and fine-tuning of QRadar, incorporating periodic discovery scheduling, device crawler configuration and device backup setup.

The following functionality was added:

  • Custom event properties
  • Custom dashboards (Antivirus, System and Network)
  • Reports
  • Threat Cases for Active Directory and Windows Servers

After the deployment, our IBM-certified consultants performed an onsite health check and offered recommendations on:

  • Upgrade options
  • Hardware update opportunities
  • Further security analysis
  • Configuration options for the customer’s IT environment

Results

The Customer received a HIPAA-compliant QRadar SIEM solution configured to ensure information security of internal processes, systems and devices. The hospital's SIEM solution can process over 100 million medical transaction events per day (that is, 1,500 events per second). Our specialists also provided the Customer with detailed recommendations on further architecture adjustments and upgrades.

Technologies and Tools

IBM Security QRadar SIEM, Shell, Python, MS SQL Server.