Download PDF
Securing the Infrastructure So People Can Go Skiing
Technology Category
- Cybersecurity & Privacy - Endpoint Security
- Cybersecurity & Privacy - Network Security
- Cybersecurity & Privacy - Security Compliance
Applicable Functions
- Business Operation
- Facility Management
Use Cases
- Intrusion Detection Systems
- Remote Asset Management
Services
- System Integration
- Training
The Challenge
ORDA faced significant challenges in ensuring the security of its IT infrastructure, especially after acquiring a third ski resort in 2012. The organization needed to comply with PCI standards due to changes in how they handled credit cards. Additionally, the seasonal nature of their business required special security training for new and existing employees. The IT department, consisting of only eight members with a single dedicated security officer, had to manage user awareness, security training, and monitor for anomalies and indicators of compromise. The primary concerns included potential credit card data breaches and malware infections.
About The Customer
The New York State Olympic Regional Development Authority (ORDA) is a state authority established after the 1980 Olympics to manage two ski resorts and several Olympic sites. These facilities are used for public recreation and world-class sporting competitions. ORDA is headquartered in Lake Placid, NY, and employs a seasonal workforce, especially in the fall. The organization has an eight-member IT department, with one dedicated Information Security officer responsible for user awareness, security training, and monitoring for security threats. ORDA's mission is to provide secure and enjoyable recreational facilities while maintaining compliance with security standards.
The Solution
To address their security challenges, ORDA conducted a competitive comparison of various log management tools, including AlienVault, LogRythm, Splunk, HP ArcSight, and Solarwinds Log and Event Manager. They chose AlienVault Unified Security Management (USM) for its comprehensive features and cost-effectiveness. The implementation began in the fall of 2012, starting with OSSEC host intrusion detection to monitor Active Directory changes, privileged account use, and group membership changes. This allowed for detailed tracking of administrative actions and potential suspicious behavior. Additionally, AlienVault's Network Intrusion Detection System (IDS), using Snort and Suricata, was deployed to detect exploited vulnerabilities and indicators of compromise through packet sniffing. The behavioral monitoring capability with Netflow was also utilized on two of ORDA's four remote sensors. The Open Threat Exchange (OTX) feature proved valuable for investigating potential incidents and indicators of compromise.
Operational Impact
Quantitative Benefit
Related Case Studies.
.png)
Case Study
Improving Vending Machine Profitability with the Internet of Things (IoT)
The vending industry is undergoing a sea change, taking advantage of new technologies to go beyond just delivering snacks to creating a new retail location. Intelligent vending machines can be found in many public locations as well as company facilities, selling different types of goods and services, including even computer accessories, gold bars, tickets, and office supplies. With increasing sophistication, they may also provide time- and location-based data pertaining to sales, inventory, and customer preferences. But at the end of the day, vending machine operators know greater profitability is driven by higher sales and lower operating costs.
Case Study
Remote Wellhead Monitoring
Each wellhead was equipped with various sensors and meters that needed to be monitored and controlled from a central HMI, often miles away from the assets in the field. Redundant solar and wind generators were installed at each wellhead to support the electrical needs of the pumpstations, temperature meters, cameras, and cellular modules. In addition to asset management and remote control capabilities, data logging for remote surveillance and alarm notifications was a key demand from the customer. Terra Ferma’s solution needed to be power efficient, reliable, and capable of supporting high-bandwidth data-feeds. They needed a multi-link cellular connection to a central server that sustained reliable and redundant monitoring and control of flow meters, temperature sensors, power supply, and event-logging; including video and image files. This open-standard network needed to interface with the existing SCADA and proprietary network management software.
Case Study
Marine and Industrial Displays by Caterpillar
Caterpillar needed a flexible platform for a new generation of connected human-machine interfaces across a wide variety of industrial environments. Examples include marine, petroleum pumping, generators, custom hydraulics, mining, and rail applications.
Case Study
Driving Digital Transformations for Vitro Diagnostic Medical Devices
Diagnostic devices play a vital role in helping to improve healthcare delivery. In fact, an estimated 60 percent of the world’s medical decisions are made with support from in vitrodiagnostics (IVD) solutions, such as those provided by Roche Diagnostics, an industry leader. As the demand for medical diagnostic services grows rapidly in hospitals and clinics across China, so does the market for IVD solutions. In addition, the typically high cost of these diagnostic devices means that comprehensive post-sales services are needed. Wanteed to improve three portions of thr IVD:1. Remotely monitor and manage IVD devices as fixed assets.2. Optimizing device availability with predictive maintenance.3. Recommending the best IVD solution for a customer’s needs.
