WGU C850 Emerging Technologies
TechFite Case Study
C850 Emerging Technologies Western Governors University 12-08-2020
A. Organizational Need
Security Information and Event Management (SIEM) is a solution TechFite can implement. The traffic that passes through the two firewalls creates enormous amounts of real-time log data, which is challenging to scan manually. Furthermore, TechFite plans to install honeypots, and those will store massive amounts of log data. SIEM is a solution that aggregates historical log data and real-time active security events, and analyzes log behavior, vulnerabilities, and malware activities. Moreover, TechFite will need a solution that provides additional storage for its current log data and scales with future storage growth. In the Dataversity article “What is SIEM, and why is it so important?”, Gilad David Maayan explains that a company should use a SIEM to report suspicious activities because of the amount of log activity this creates, which is almost impossible to handle manually. This implementation must be compliant, and the solution in place must maintain that compliance, with the Federal Information Security Management Act (FISMA) and the National Institute of Standards and Technology (NIST).
B. Proposing a Solution for Emerging Technology
To meet TechFite’s business demands, I will recommend using the Splunk Enterprise service on the Google Cloud platform as an emerging technology solution. Splunk offers a scalable service featuring a SIEM appliance. Splunk supports a full range of information security operations: real-time visibility, automation and orchestration, incident response, user monitoring, threat intelligence, advanced analytics, and advanced threat detection. TechFite will have the ability to analyze in real time, monitor, and set threshold conditions twenty-four hours a day. They will be able to customize dashboards for viewing these scenarios. According to the Splunk website, Splunk Connected Capabilities puts Splunk's control in the user’s hands, accurately. Through mobile smart devices, smart television, and Splunk Enhanced Reality, Splunk allows everyone in your company to view graphical information and see it on the go (www.splunk.com).
C. Adoption Process
This step assesses the solution's benefits, the cost and the risk that TechFite will encounter, and the current operations. With Data-to-Everything Pricing, Splunk's flexible pricing options bring data to every question, decision, and action.
Processes - Splunk Enterprise will enable much of the automated process by collecting and analyzing big data and giving insights into operational performance.
Business - Data-to-Everything, the added level of security, the real-time visibility, and the risk-based alerting will be a massive benefit for all the customers. Not only will this bring a very positive value to the TechFite brand, but it will also help it stand out from its competitors.
People - As soon as Splunk Enterprise is configured, running, and deployed, the hours employees spend manually evaluating log incidents will be cut drastically, having a significant impact on staff hours. People can be assigned to do other tasks.
Framework - Splunk Enterprise will be hosted on Google Cloud. The advantage of this option is that physical hardware and software will not have to be hosted on-site, or can be kept to a minimum. Furthermore, with the cloud solution, TechFite will always have the ability to expand as much as it wants.
Risk of Implementation:
The IT team will have to go through rigorous training. Configuring, maintaining, and adopting Splunk Enterprise requires getting certified. By getting certified, the people managing the software are well prepared, and the project involved will not be rejected. Furthermore, it will take some time for the people to get training, but it will benefit TechFite. The price or cost is always a big deal for companies. The cost will need to be absorbed by TechFite. The price tag of implementation will be based on the company's needs. As a growing company, the price will increase based on the company’s needs. We must assume that there will always be growth. We must also consider time-saving automation. The IT team should be able to adopt this solution with no problems. In the beginning, it might take the team some time to do all of the implementations, but as the team moves forward, it will free up lots of time for the teams involved.
I believe the advantages are greater than any associated risks. By meticulously planning all the implementations, most of the risk can be eased to an adequate level.
A pilot program is recommended to implement this solution. Splunk offers a 60-day trial, but a 14-day trial for the cloud. It can be an excellent opportunity for all the firewalls to be tested on the configuration of alerts, dashboard reports, and real-time monitoring before TechFite fully adopts this. It will be a good time for the IT team to learn as they implement and to show the rest of the team when it is time for deployment.