Real Estate Company Enhances Cybersecurity with Arctic Wolf for Security Operations
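Technology
- Cybersecurity & Privacy - Endpoint Security
- Cybersecurity & Privacy - Network Security
- Cybersecurity & Privacy - Security Compliance
Applicable Functions
- Business Operations
Use Cases
- Cybersecurity
- Regulatory Compliance Monitoring
- Remote Asset Management
Services
- Cybersecurity Services
- System Integration
- Training
Challenge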
Prior to considering a managed detection and response solution, the company had no comprehensive approach to holistically monitor infrastructure or glean security insights from log data generated by its various IT systems. Its IT team had a small set of internal monitoring tools to monitor specific systems, but knew it lacked visibility and risked missing significant threats. According to an information security manager for the firm: “We told the board we had to improve how we monitored the environment. In particular, we needed to be more responsive to threats and to the unique nature of AWS environments.”

The firm considered various options. The choices narrowed down to: (1) establishing its own on-premises security operations center (SOC) using a LogRhythm security information and event management (SIEM) platform, or (2) leveraging a managed security service offering. It didn’t take long, however, to realize that going the LogRhythm route and then needing to hire a dedicated staff to run an in-house SOC was cost-prohibitive. This remained true even when considering a LogRhythm SIEM co-managed through a third party. The firm then evaluated the managed security service provider (MSSP) model from AT&T, but found the AT&T offering lacked the “named” team provided by Arctic Wolf and might not provide the necessary attention to the company’s needs.
About the Customer
This top five global real estate company has over 400 employees with multiple offices. The firm provides tools and support to thousands of franchisee agents. The real estate company has more than 75 on-premises servers, as well as an extensive Amazon Web Services (AWS) server infrastructure with over 370 instances. Its IT team manages, secures, and monitors a diverse infrastructure that includes workstations, servers, firewalls, and network infrastructure comprising switches, routers, and Wi-Fi access points. The team must also maintain compliance with regulatory regimes including the Sarbanes-Oxley Act (SOX) and the Payment Card Industry Data Security Standard (PCI DSS). The company has various applications handling sensitive financial and human resources data, and a compromise of the personally identifiable information (PII) held on its on-premises and cloud servers could trigger state data breach laws.
Solution
In came Arctic Wolf and its managed detection and response (MDR) solution. The company’s IT team soon determined that Arctic Wolf® Managed Detection and Response provided the best option to meet its ongoing challenges and ramp up its cybersecurity posture. Arctic Wolf Managed Detection and Response was initially deployed in early 2019 across the company’s on-premises environment, with the AWS deployment rolled out over time. Today, Arctic Wolf provides the firm with visibility across both environments. This monitoring has helped it to better understand its environment and sustain compliance with SOX and PCI DSS mandates.

The Arctic Wolf MDR solution has helped the firm’s IT team validate security changes, and notified the company when an unexpected, though legitimate, root login occurred. This is one of numerous examples where Arctic Wolf has raised the company’s capabilities and lifted the burden of cybersecurity from its internal IT team.

The company’s AWS environment includes a variety of components, including Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Simple Storage Service (Amazon S3) buckets, Amazon ElastiCache, and Amazon Relational Database Service (Amazon RDS) instances. The firm uses a microservices approach to its AWS applications with Amazon EC2 instances in Kubernetes. “AWS is a big focus of our development efforts given the value of the cloud, so we must ensure the same sort of protections around our AWS environment that we have on premises,” the information security manager said.

After consulting with the Arctic Wolf Concierge Security Team, the firm decided to deploy Amazon GuardDuty to better monitor its environment. GuardDuty monitors for malicious activity and unauthorized behavior in AWS accounts and workloads. Arctic Wolf MDR is now ingesting GuardDuty telemetry to obtain better visibility into the firm’s AWS environment.
GuardDuty can generate a considerable volume of alerts, and Arctic Wolf MDR ingests and distils those alerts to arrive at actionable threat information. Looking forward, the company has plans to extend Arctic Wolf monitoring to its Salesforce infrastructure.