Land Registration Systems, Inc. (LARES) is tasked with implementing, funding, and delivering the nationwide implementation of the Philippines’ major modernization project on land registration.

Employees:

6,000
Office locations:

160+

Summary

Challenges

Ongoing compliance with government cybersecurity and operational requirements.
Staying ahead of the cybersecurity curve in a country with recent high-profile data breaches.

Solution

Bolstered security posture with real-time threat detection.
Integrated different data sources for the most efficient analysis and correlation.
Transformed an outdated IT support model.

Results

Streamlined and automated cybersecurity auditing
Centralized IT management to save time and reduce risk
Improved efficiency of incident handling

Challenges

Maintaining compliance with government cybersecurity and operational requirements despite a lack of centralized visibility
Staying ahead of the cybersecurity curve in a country with recent high-profile data breaches
Logistical difficulties in providing IT support to thousands of distributed users
Manual and time-intensive auditing processes

The Philippines faces significant cybersecurity challenges, making it highly susceptible to cyberattacks. Factors contributing to this vulnerability include widespread internet usage, a lack of cybersecurity awareness, and underdeveloped cybersecurity infrastructure. As a result of several recent high-profile data breaches, research shows that the greatest concern among organizations in the Philippines is loss of personal data.

When new CEO Mr. Teddy Sumulong arrived at Land Registration Systems (LARES), one of his first priorities was to understand the organization’s security posture. He explained, “We managed a security operations center (SOC) that monitored all our network and transaction traffic. While we were protecting our endpoints and we had an effective firewall strategy, we felt we lacked central visibility to detect security incidents. We could significantly strengthen our security posture if we introduced a security information and event management (SIEM) solution. LARES operations are very decentralized, and we support approximately 6,000 users spread across 162 nationwide offices. It is critical that we stay ahead of the cybersecurity curve, and it was clear that we needed help in this area.”

In board-level discussions, Mr. Sumulong stressed the importance of better governance and auditing capabilities that would result from a robust cybersecurity strategy. He also explained the challenges in supporting thousands of distributed users with software patches and upgrades that would often require an engineer to travel to remote locations accessible only by plane or ferry. To remain compliant with government policies, a centralized device management system would automate and streamline this process.

Support was extremely important to us with this investment as we aim to have long-term partnerships. We were reassured that ArcSight is a strong product that will be supported far into the future, ensuring continued innovation.

Mr. Teddy Sumulong
CEO, Land Registration Systems

Solution

LARES introduced OpenText™ ArcSight Enterprise Security Manager and OpenText™ ZENworks™ Suite with flexible licensing to match future growth potential. Knowledge transfer ensured that the LARES team could take responsibility for ongoing management.

Products deployed

OpenText™ ArcSight Enterprise Security Manager (ESM)

Reduce threat exposure by detecting threats in real-time with powerful and adaptable SIEM correlation analytics
OpenText™ ZENworks™ Suite

Manage thousands of devices, applications, assets, and software patches

Selecting ArcSight to introduce SIEM and bolster security posture

The 30-strong cybersecurity team at LARES investigated SIEM options and sought advice from customers who had recently implemented a SIEM. After evaluating several solutions, ArcSight Enterprise Security Manager (ESM) was found to best meet the specific LARES requirements. ArcSight ESM reduces threat exposure by detecting threats in real-time with powerful and adaptable SIEM correlation analytics.

“Support was extremely important to us with this investment as we aim to have long-term partnerships,” commented Mr. Sumulong. “We were reassured that ArcSight is a strong product that will be supported far into the future, ensuring continued innovation. OpenText worked with us to determine the scope and scale of our requirements and proposed a flexible license structure that can grow with us.”

Integrating different data sources for efficient analysis and correlation

ArcSight ESM was implemented in less than two months, with OpenText Cybersecurity experts supporting the LARES security team. The ArcSight out-of-the-box business rules were customized to reflect LARES rules and regulations so that security anomalies and false positives were minimized, saving time for the security team. The new SIEM captured Windows monitoring logs and incident detection, such as workstation reboots, USB plug-ins, application installations, authentication status, and user creation or deletion. It also actively monitored the firewall, database, and network device activities to register any changes that may be out of the ordinary.

At the same time as the ArcSight implementation, LARES also decided to adopt Darktrace, leveraging machine learning to introduce even more sophisticated cyberattack prevention. ArcSight is designed to integrate with many data sources, as the more data is available for analysis and correlation, the more reliable the actionable results are. Darktrace security logs were consolidated into the ArcSight SIEM, and LARES felt reassured it could address its security compliance and operational requirements.

With effective knowledge transfer from OpenText, the LARES security team was fully equipped to take on the ongoing management of the ArcSight platform.

Transforming an outdated IT support model with ZENworks Suite

While a cybersecurity plan with ArcSight took shape, the LARES team turned its attention to the issue of centralized IT device management. With a lack of structured patch management and version control, the 162 LARES office locations relied on engineers going into the field and manually updating and patching thousands of workstations. Processes were outdated and there was always a risk that a mission-critical patch was delayed.

ZENworks Suite combines the tools an organization needs to manage, secure, and protect its endpoint environment and data, and do it from one place. LARES leverages ZENworks Suite to identify, track, and remediate missing patches and the associated vulnerabilities. Rather than send engineers on extensive field trips, the team can specify centralized patch policies so that all LARES endpoints have the right OS and third-party application patches at the right time.

“Leveraging ZENworks Suite we introduced application control and policy enforcement for all our endpoints,” commented Mr. Sumulong. “Its flexibility allowed us to easily blacklist any applications we don’t want our users to run. We also automated our asset discovery so that we have better hardware and software visibility. This inventory used to take a lot of manual effort.”

ZENworks Suite revolutionized the way in which we support thousands of users. We now provide faster and automated secure patching, have increased visibility on all endpoints, provide effective policy enforcement, and efficiently manage our assets.

Mr. Teddy Sumulong
CEO, Land Registration Systems

Results

Improved visibility means potential breaches are responded to much faster. Centralized and automated IT support with ZENworks revolutionized an outdated IT support model. Operational and security auditing efforts are reduced and streamlined.

Streamlined and automated cybersecurity auditing

Introducing ArcSight SIEM created a more transparent environment to detect issues earlier and respond much faster to potential breaches. As the security team became more familiar with the opportunities presented by ArcSight, new systems were identified to be consolidated in the SIEM. Thanks to the openness and flexibility presented by ArcSight, these data logs can all be integrated for a rich analysis and data correlation experience.

As a government-aligned organization, LARES is subject to both internal and external regular auditing. Every six months, it needs to provide a comprehensive cybersecurity report to the central government, facilitated through a selected neutral provider. The ArcSight implementation substantially eased and automated this process. Whereas before ArcSight, this would be a time-intensive and manual process, the last audit was completed with minimal effort required from the security team.

Saved time and reduced risk by centralizing IT management

ZENworks Suite drastically improved the supportability of all LARES endpoint devices. This allowed support engineers to focus on innovation and value-add activities to benefit the large user community, instead of spending time traveling the country to manually update workstations. “ZENworks was easy and quick to implement,” commented Mr. Sumulong. “Rather than a cost justification, this was more of a risk justification because delaying critical patches could leave us open to security breaches. ZENworks simply runs on a virtual machine (VM) and has a user-friendly central console allowing us to manage everything seamlessly.”

Improved cybersecurity posture and enhanced team productivity

Mr. Sumulong commented, “Our security team is very happy with the additional assurance that ArcSight brings to our cybersecurity posture. We have clear visibility and can identify potential issues much earlier, protecting our mission-critical systems against malicious cyberattacks. Our audit process is much more streamlined, and not only can we respond to audit requests in a timely and efficient manner, but we can also proactively provide valuable feedback to strengthen our systems even more. With our customized reports and dashboards, we improved our compliance reporting and the efficiency of incident handling.”

He concluded, “With the Philippines being an archipelago, traveling to our remote offices could be challenging and this was not a sustainable IT support model for us. ZENworks Suite revolutionized how we support thousands of users. We now provide faster and automated secure patching, have increased visibility on all endpoints, provide effective policy enforcement, and efficiently manage our assets. The productivity of our IT support team has improved substantially as a result. Our partnership with OpenText is a great success and we look forward to our continued collaboration in the future.”