Beyond Compliance: Security at the San Francisco Police Credit Union

The San Francisco Police Credit Union (SFPCU) provides financial services to the first responders — from emergency medical to firefighters and police officers — who protect the San Francisco Bay Area. The credit union, with five branches covering some 32,500 members, is charged with protecting not only the finances of public safety personnel, but personal information as well.
As a credit union, the SFPCU must stay in compliance with a series of complex laws and standards ranging from the Gramm-Leach-Bliley Act to guidelines established by the National Credit Union Association. To enforce these rules, the SFPCU uses McAfee’s SIEM solution, Enterprise Security Manager (ESM) to monitor the union’s networks, track security events, and analyze possible threats. Enterprise Security Manager’s out-of-the-box compliance dashboards help the SFPCU meet regulatory requirements and standards.

Threats and compliance are two of the major challenges facing many security teams, but compliance is just one part of the security jigsaw puzzle. Compliance standards set a minimum requirement for securing private information, but compliance alone does not mean a network is secure from today’s threats.

As a SIEM solution designed for real-world threats, Enterprise Security Manager consolidates, correlates, assesses and prioritizes security events for both third-party and McAfee solutions. It also takes advantage of McAfee’s Global Threat Intelligence, offering McAfee Enterprise Security Manager enhanced situational awareness by enabling rapid discovery of events involving communications with suspicious or malicious IPs. The automatic and integrated nature of McAfee Enterprise Security Manager streamlines reporting and auditing processes, enabling faster response times when threats are detected.

McAfee Enterprise Security Manager continues to meet the evolving needs of SFPCU’s security and compliance team, offering automated reporting, and compliance audits as well as the ability to investigate and manage incidents. Dataway, a global managed services provider specializing in network security services, implemented ESM on behalf of SFPCU and manages the solution on an ongoing basis.

Compliance is a major facet of information security for many organizations, but compliance alone is not a gold standard for security in today’s threat ecosystem.

For more tips and tricks with McAfee’s SIEM solution, Enterprise Security Manager , follow @McAfeeSIEM on Twitter, or explore our SIEM community blog to get the latest techniques to protect your organization.

Leave a Comment

nine − seven =