REVIEWER: Michael Gabriel, corporate information security officer for Career Education Corporation.
BACKGROUND: Career Education Corporation (Career Ed), a publicly traded, globally recognized post-secondary education firm, provides education to approximately 95,000 students. Career Ed's colleges, schools and universities at 80-plus campuses are located throughout North America, France, the UK and the United Arab Emirates. Offering doctoral, master's, bachelor's and associate degrees, and diploma and certificate programs, it enables graduates to pursue rewarding careers.
HARDWARE PLATFORMS: Eight MS SQL clusters and two AMD-based Ultra-Performance Red Hat Linux servers.
PROBLEM SOLVED: With more than one-third of Career Ed's 95,000 students attending the Web-based virtual campuses of the American InterContinental University Online and Colorado Technical University Online, approximately 3,500 students, faculty and staff are online at any point in time, and more than 10,000 people have access to online information. IT security, especially database security, was a critical component for the company's continued success. Career Ed initiated a comprehensive IT security initiative, taking a layered-security approach for optimal protection three years ago and now boasts a tight security layer for both the perimeter and the databases where critical data is stored and accessed.
PRODUCT FUNCTIONALITY: RippleTech's INFORMANT solution provided the needed data access intelligence to properly secure our databases and applications. INFORMANT empowered Career Ed with comprehensive, zero-impact application visibility to effectively monitor for inappropriate activity such as a database attack or a privilege abuse. We have been able to prevent costly security breaches as well as demonstrate compliance and improve database availability and reliability. INFORMANT provides continuous auditing of all SQL activities by monitoring all access paths to sensitive corporate and customer data - whether by users, malware, utilities, "back-door" queries, LAMP scripting, etc. In addition, it alerts appropriate IT managers in real time (by email, pager or cell phone) when there is suspicious activity or unauthorized access to sensitive information.
STRENGTHS: While the application monitoring solutions provided through the SQL database had a negative impact on system performance, Informant's nonintrusive solution ensured that there was no negative impact on performance or service. In addition, event logs create so many messages that they would be impossible to review manually. RippleTech provided an open platform for data access intelligence that easily integrated with our other security and reporting tools, which enabled us to centrally monitor our security environment.
WEAKNESSES: Better mapping to business transactions would enable us to track back by queries and groups; this would empower our help desk teams to manage service-level issues more effectively.
SELECTION CRITERIA: We needed a solution that could seamlessly integrate with our netForensics security information management platform as well as provide flexible, comprehensive monitoring capabilities in a nonintrusive way that would not negatively impact our system performance. We reviewed several options before selecting RippleTech.
DELIVERABLES: Career Ed has an extremely high-volume transaction environment with averages of 30,000 events per minute; with RippleTech, we can monitor all transactions and any anomalies or threats in real time. This initiative has enabled us to produce a wealth of reports quickly and easily, all in one central location. Our security team constantly monitors the database dashboard and virus/threat dashboard through one console to get real-time visibility into our security environment.
VENDOR SUPPORT: RippleTech's extreme support is unmatched. Their responses to our questions were concise and insightful, and they were quick to provide advice for continued improvements. We even have regularly scheduled "tune up" calls to make sure our initiative provides the most comprehensive data protection possible. RippleTech's support enabled us to rapidly deploy the database security measures needed to effectively monitor and protect one of our most valuable assets, data.
DOCUMENTATION: We partnered closely with RippleTech's support team for the initial install, and there was minimal documentation needed after Informant was set up.
555 North Lane, Suite 6040
Conshohocken, PA 19428
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access