Case Studies Securing the Infrastructure So People Can Go Skiing

Edit This Case Study Record

	Securing the Infrastructure So People Can Go Skiing

Securing the Infrastructure So People Can Go Skiing

Technology Category	Cybersecurity & Privacy - Endpoint Security Cybersecurity & Privacy - Network Security Cybersecurity & Privacy - Security Compliance
Applicable Functions	Business Operation Facility Management
Use Cases	Intrusion Detection Systems Remote Asset Management
Services	System Integration Training
Challenge	ORDA faced significant challenges in ensuring the security of its IT infrastructure, especially after acquiring a third ski resort in 2012. The organization needed to comply with PCI standards due to changes in how they handled credit cards. Additionally, the seasonal nature of their business required special security training for new and existing employees. The IT department, consisting of only eight members with a single dedicated security officer, had to manage user awareness, security training, and monitor for anomalies and indicators of compromise. The primary concerns included potential credit card data breaches and malware infections. Read More
About Customer	The New York State Olympic Regional Development Authority (ORDA) is a state authority established after the 1980 Olympics to manage two ski resorts and several Olympic sites. These facilities are used for public recreation and world-class sporting competitions. ORDA is headquartered in Lake Placid, NY, and employs a seasonal workforce, especially in the fall. The organization has an eight-member IT department, with one dedicated Information Security officer responsible for user awareness, security training, and monitoring for security threats. ORDA's mission is to provide secure and enjoyable recreational facilities while maintaining compliance with security standards. Read More
Solution	To address their security challenges, ORDA conducted a competitive comparison of various log management tools, including AlienVault, LogRythm, Splunk, HP ArcSight, and Solarwinds Log and Event Manager. They chose AlienVault Unified Security Management (USM) for its comprehensive features and cost-effectiveness. The implementation began in the fall of 2012, starting with OSSEC host intrusion detection to monitor Active Directory changes, privileged account use, and group membership changes. This allowed for detailed tracking of administrative actions and potential suspicious behavior. Additionally, AlienVault's Network Intrusion Detection System (IDS), using Snort and Suricata, was deployed to detect exploited vulnerabilities and indicators of compromise through packet sniffing. The behavioral monitoring capability with Netflow was also utilized on two of ORDA's four remote sensors. The Open Threat Exchange (OTX) feature proved valuable for investigating potential incidents and indicators of compromise. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Endpoint Security

Cybersecurity & Privacy - Network Security

Cybersecurity & Privacy - Security Compliance

Applicable Functions

Business Operation

Facility Management

Use Cases

Intrusion Detection Systems

Remote Asset Management

Services

System Integration

Training

Challenge

ORDA faced significant challenges in ensuring the security of its IT infrastructure, especially after acquiring a third ski resort in 2012. The organization needed to comply with PCI standards due to changes in how they handled credit cards. Additionally, the seasonal nature of their business required special security training for new and existing employees. The IT department, consisting of only eight members with a single dedicated security officer, had to manage user awareness, security training, and monitor for anomalies and indicators of compromise. The primary concerns included potential credit card data breaches and malware infections.

About Customer

The New York State Olympic Regional Development Authority (ORDA) is a state authority established after the 1980 Olympics to manage two ski resorts and several Olympic sites. These facilities are used for public recreation and world-class sporting competitions. ORDA is headquartered in Lake Placid, NY, and employs a seasonal workforce, especially in the fall. The organization has an eight-member IT department, with one dedicated Information Security officer responsible for user awareness, security training, and monitoring for security threats. ORDA's mission is to provide secure and enjoyable recreational facilities while maintaining compliance with security standards.

Solution

To address their security challenges, ORDA conducted a competitive comparison of various log management tools, including AlienVault, LogRythm, Splunk, HP ArcSight, and Solarwinds Log and Event Manager. They chose AlienVault Unified Security Management (USM) for its comprehensive features and cost-effectiveness. The implementation began in the fall of 2012, starting with OSSEC host intrusion detection to monitor Active Directory changes, privileged account use, and group membership changes. This allowed for detailed tracking of administrative actions and potential suspicious behavior. Additionally, AlienVault's Network Intrusion Detection System (IDS), using Snort and Suricata, was deployed to detect exploited vulnerabilities and indicators of compromise through packet sniffing. The behavioral monitoring capability with Netflow was also utilized on two of ORDA's four remote sensors. The Open Threat Exchange (OTX) feature proved valuable for investigating potential incidents and indicators of compromise.

Impact #1	The implementation of AlienVault USM allowed ORDA to enhance its security posture significantly.
Impact #2	OSSEC host intrusion detection provided detailed monitoring of Active Directory changes, helping to identify suspicious behavior.
Impact #3	The Network Intrusion Detection System (IDS) using Snort and Suricata enabled the detection of exploited vulnerabilities and indicators of compromise.

Impact #1

The implementation of AlienVault USM allowed ORDA to enhance its security posture significantly.

Impact #2

OSSEC host intrusion detection provided detailed monitoring of Active Directory changes, helping to identify suspicious behavior.

Impact #3

The Network Intrusion Detection System (IDS) using Snort and Suricata enabled the detection of exploited vulnerabilities and indicators of compromise.

Benefit #1	Implemented AlienVault USM in 2012, enhancing security capabilities.
Benefit #2	Expanded Network Intrusion Detection System (IDS) deployment to all locations by spring.

Benefit #1

Implemented AlienVault USM in 2012, enhancing security capabilities.

Benefit #2

Expanded Network Intrusion Detection System (IDS) deployment to all locations by spring.

Download PDF Version

Overview

Securing the Infrastructure So People Can Go Skiing

Operational Impact

Quantitative Benefit