Is your IT system compliant?

That us a tough question for CIOs or CISOs to answer with confidence.

That us a tough question for CIOs or CISOs to answer with confidence. But it is being asked more frequently, thanks to regulations such as HIPAA, PCI:DSS, Sarbanes-Oxley and Basel 2.

It has given a niche to LogLogic, one of the few firms to specialise in analysing the log files that every IT system produces.

Pat Sueltz, CEO of the firm, says in the old days, analysing logs was left to hard-core IT, network and security professionals. But increasingly those who manage parts of the company, such as finance or human resources, also need to understand log records.

"Very few people these days can read a core dump and understand what is going on," she said. LogLogic has developed an appliance that pulls log data from systems in real time, and uses software to chart trends, highlight exceptions and track remote attempts to access system resources, among other things.

This enables operations staff, administrators and non-technical employees to work with log files and time-lines to create a storyboard that captures any chain of events surrounding a given incident.

Sueltz already has three of the top four telecommunications network operators as customers, as well as financial services firms, health care outfits, and government agencies.

The market is presently driven by the need to conform to regulations, security concerns and the need to run IT more efficiently because budgets are tightening, Sueltz said. "The logs are the place to start because they measure everything," she said.

Read more on IT risk management