First aid charity St John Ambulance is rolling out a security information system to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS).
The security information event management system (SIEM) from LogRhythm will automate reporting and simplify PCI DSS compliance.
Until now, the charity's IT team collected log data manually, making any analysis or forensic investigations time consuming.
St John Ambulance is classed as a level 3 merchant and has to comply with PCI DSS because of the income generated by its first aid services and training programmes.
The organisation chose the LogRhythm product to meet the log data requirements of PCI DSS after assessing a number of options.
"LogRhythm stood out as being more flexible and configurable than the others," said Karl Heydenrych, IT director at St John Ambulance.
"This ensures a better fit for the business and brings us a faster return on investment, which is important to a charity," Karl Heydenrych said.
According to Heydenrych, LogRhythm was the only product that offered integrated file integrity monitoring (FIM).
This meant that it was unnecessary to buy additional software to meet the FIM requirements of PCI DSS as well as simplify and strengthen security, audit and compliance processes, he said.
Heydenrych plans to develop LogRhythm's use to provide better visibility over changing activity across the entire IT estate by capturing and reporting anomalies.