Wellington College, the Berkshire day and independent boarding school, is home to 1100 students and 600 staff. In 2017, it decided it needed to add to its cyber security with a tool that would automate the collection, storage and analysis of its data to better identify behavioural trends and have greater insight into potential cyberthreats.
Tony Whelton, IT director at Wellington College, said: “The College generates a wealth of data, which can be a minefield for our IT department to manage manually. In the past, we have taken more of a reactive approach to security, largely because we have not had full visibility into our network activity. We are constantly battling both external and internal threats; indeed, with a college full of smart, savvy teenagers, the insider threat is very real. As the threat landscape escalated, we knew we needed a more holistic solution that would automatically make sense of our data, essentially acting as the eyes and ears of the IT team.”
The College turned to Xitenys, an independent provider of IT security and data management, for the right solution. After a tendering process involving a number of other vendors, the College selected NextGen SIEM Platform. Whelton said: “LogRhythm’s NextGen SIEM Platform stood out as being best-in-beed after a year of testing multiple solutions. The visibility we now have is exceptional. Not only do we have access to data that reveals useful behavioural trends, we also have insight into network activity – both internal and external – in real-time, which means we can take action to neutralise a potential threat as soon as it appears.
The NextGen SIEM Platform is also helping the College overcome how to detect and neutralise cyber threats remotely.
Whelton added: “At the College, our students and staff are constantly accessing our network on-the-go as they roam the campus, which can make it much more challenging to identify and locate a lot of threats. LogRhythm’s platform is incredibly intelligent and is able to correlate data from multiple sources to reveal what is infected, where and when. For example, we are now able to merge data picked up from our firewall with WiFi data to get the exact location of a malware-infected device. What’s also really useful is that this data is analysed and stored on one single dashboard, making it much easier for our IT department to create and share reports.”
Visit logrhythm.com.
