This blog was originally published on humio.com. Humio is a CrowdStrike Company.
Overview
The University of Idaho uses Humio to ingest and analyze network security log data at scale. Humio provides incredible cost savings compared to the university's previous logging solution, helping the university increase security insights, streamline incident detection and response efforts, and reduce TCO.
“With Humio, it’s easier and faster to search than it was with previous solutions. We can get to the root of malicious activity like phishing attacks more quickly and efficiently.” — Mitch Parks, Chief Information Security Officer, University of Idaho
Challenge: Reducing Log Management Cost and Complexity
Like many budget-conscious organizations, the IT services department at the University of Idaho is always looking for creative ways to do more with less. The university was using their previous solution to capture and analyze network security log data, but the solution was costly and complicated to scale.
“Because of budget constraints, we could only afford to license 100 gigabytes of data per day. A security incident like a denial-of-service attack can easily drive up our log volumes, trigger licensing caps, and impair forensics.” — Mitch Parks, Chief Information Security Officer, University of Idaho
Solution: Humio Logs Everything at Scale in Real Time
After investigating a number of log management alternatives, including open-source solutions, the university selected Humio as its next-generation security log management platform.
“The open-source approach would have required as many as 12 servers, and we would have needed a dedicated IT person to deploy and maintain it,” recalls Parks. “That just didn’t make sense from an investment perspective. I had read about how other universities had successfully switched to Humio and decided to take a look at it.”
“We evaluated Humio for about 30 days and were quite impressed,” explains Carl Pearson, IT security analyst for the university. “The product is easy to set up and use, and doesn’t require a dedicated IT admin or a SIEM expert, or take a lot of my time to manage.”
Results: Faster and Deeper Insights, Lower TCO
Humio’s state-of-the-art log management platform helped the university improve visibility, slash operations expenses and complexity, and reduce risk and exposure.
“With Humio we save at least $10K a year in licensing fees alone,” says Parks. The university can now retain at least a year’s worth of full log data, which is paramount when sophisticated threat actors can penetrate networks and evade detection for weeks or even months on end.
“With other solutions, we spent a lot of time and effort cleaning up our logs to save space. In the process, we removed Active Directory events and other information that we actually needed later for forensics. We don’t have to worry about any of that anymore with Humio.” — Mitch Parks, Chief Information Security Officer, University of Idaho
Once they started using Humio, Parks and Pearson quickly found additional use cases for the platform beyond security. The IT Services team now uses Humio to identify potential system performance and availability issues, flag possible software licensing violations, and gather other IT operations and application insights.