ArcSight Case Study: GESB
| Summary: |
Government Employees Superannuation Board (GESB) is the largest superannuation provider for public sector employees in Western Australia. GESB places client data confidentiality and information security among its top IT priorities and required the ability to monitor the network and all users in real time, including any fluctuations in email traffic, repeated failed login attempts and other suspicious activity. |
| Business Challenge: |
Tracking the millions of events generated each day became a serious challenge for GESB. The organization receives event feeds from over 110 different network systems, devices and applications on the network, including McAfee ePolicy Orchestrator, an in-house member database, firewalls and domain controllers. |
| Solution: | ArcSight Express allows GESB to understand all network security events by placing them withing the context of what, where, when and why each event occurred and its impact on the organization. Using ArcSight Express, GESB can detect and respond quickly to event the most subtle cyterthreats. Before deploying ArcSight Express, it took hours to identify suspicious activity; now, GESB can pin-point that infromation immediately, in just 15-20 seconds. |
| Benefits: |
ArcSight Express enables GESB to track failed logins and multiple password attempts to identify when someone is trying to breach security. GESB also monitors for data leakage by tracking the use of removable storage devices and identifying exactly what data is being removed and by whom. ArcSight Express also enables GESB to comply with APRA requirements; it has the ability to store audit-quality log data and provide meaningful compliance reports for fast, easy audits. |
