SlideShare a Scribd company logo

HP Enterprise Security Customer Case Study - Apollo Group

Scott Carlson
Scott Carlson

Summary: Apollo Group is a publicly traded parent company that owns the University of Phoenix and a number of other higher education subsidiaries. The organization needs to be able to meet rigorous audit and compliance requirements and aimed to take its security to the next level by building a more mature security operations center. Business Challenge: With 300 physical location in six countries, 500,000 students, 50,000 faculty and 22,000 employees, Apollo Group has a formidable challenge in securing all its systems data and endpoints. Solution: ArcSight ESM enables Apollo Group to increase its visibility and intelligence into its network and protect against zero day cyberthreats. With ArcSight ESM, Apollo Group has been able to create unique use cases to identify events specific to its environment - for example, preventing student misuse of Internet resources and protecting against data leakage via mobile media. Benefits: The comprehensive correlation and reporting capabilities within ArcSight ESM enable Apollo Group to effectively process billions of security events and maintain compliance with SOX and PCI regulations. "We are extremely pleased to have ArcSight ESM as the basis for our security foundation. Its versatility and raw ability to combat cyberthreats and risk make it an excellent choice," says Scott Carlson, Principal Engineer, Apollo Group Data Center Architecture.

1 of 2
Download to read offline
Apollo Group HP Enterprise Security Customer Case Study “We are extremely pleased to have ArcSight ESM as the basis for our security foundation. Its versatility and raw ability to combat cyberthreats and risk make it an excellent choice.” —Scott Carlson, Principal Engineer, Apollo Group Data Center Architecture Customer Brief HP Enterprise Security Customer Case Study: Apollo Group, parent company of the University of Phoenix and several other higher education institutions, relies on ArcSight ESM to provide visibility and intelligence into its network and to protect against zero day cyberthreats. Industry: Education Apollo Group, Inc. is one of the world’s largest private education providers and has been in the education business for more than 35 years. The company offers innovative and distinctive educational programs and services both online and on-campus at the high school, undergraduate, master and doctoral levels through its subsidiaries: University of Phoenix, Apollo Global, Institute for Professional Development, College for Financial Planning and Meritus University. The company’s programs and services are provided in 40 states and the District of Columbia; Puerto Rico; Canada; Latin America; and Europe, as well as online throughout the world. Product(s) • rcSight ESM A Business Benefits • rcSight ESM enables Apollo Group to maximize A its visibility and intelligence into its network, and protect against zero day cyberthreats • eeds from numerous vendors are easily F correlated into events, allowing the security team to act immediately • pollo Group can prove it is meeting compliance A requirements and can respond to auditor requests quickly and easily The Apollo Group Challenge Apollo Group is a publicly traded parent company that owns the University of Phoenix and a number of other subsidiaries in the education arena. With 300 physical locations in six countries, 500,000 students, 50,000 faculty and 22,000 employees, Apollo Group has a formidable challenge in securing all its systems, data and endpoints. Apollo Group needed to be able to meet rigorous audit and compliance requirements for regulations such as SOX and PCI. It also aimed to take its security to the next level and do more real-time correlation and alerting of security events across its entire infrastructure. In building a more mature security operations center, Apollo Group required a fully featured threat and risk management system that could deliver. Originally, Apollo Group had deployed a product to address these challenges; however, it failed to meet the organization’s requirements over time and had to be re-evaluated. It simply could not scale along with the
pace of business. In a head-to-head competition, ArcSight ESM performed better, offered more features and flexibility, and also ranked highest among industry thought leaders. It quickly became the clear choice. The ArcSight Solution ArcSight ESM enables Apollo Group to increase its visibility and intelligence into its network and protect against zero day cyberthreats. The organization has a diverse population of technologies and security products (McAfee, Blue Coat, Sourcefire, etc.) and the capability of ArcSight ESM to correlate events across all those logs in real time allows it to respond more quickly to risk and threats. With ArcSight ESM, Apollo Group has been able to create unique use cases to identify events specific to its environment. One example is preventing student misuse of Internet resources. When students register for a course, they are required to submit homework and interact with their peers and instructor via message boards contained on the classroom portal. With ArcSight ESM, Apollo Group has the ability to monitor for inappropriate actions and take decisive action before anyone’s reputation is negatively impacted. Apollo Group also specifically protects against data leakage via mobile media. Student loan and other personally identifiable information (PII), for example, must be kept safe. Apollo Group has gone a step beyond usual protocol and has written custom connectors so that employees cannot move that type of data inappropriately through the use of a USB flash drive or email, for that matter. ArcSight ESM features robust capabilities that can proactively detect a vast range of threats and compliance violations, and respond to them in a timely manner. “The ArcSight solution has become the single pane of glass we look through in our information security operations center,” says Scott Carlson, Principal Engineer of Apollo Group Data Center Architecture. “Even with the complexity of adding new data centers, tools and devices over time, ArcSight ESM can handle it,” says Bill Thorn, Senior Manager of IT Services for Apollo Group. “Our ability to respond instantly to incidents as they’re occurring, wherever they’re occurring, is a huge benefit and limits any possible damage.” An important area where ArcSight ESM has helped Apollo Group is in eliminating viruses from the network. Even the latest anti-virus technology cannot catch everything that’s out there. The number of variants is just too great. “Right away, ArcSight ESM helped us identify systems that had updated anti-virus and endpoint protection, but that were still infected,” says Thorn. “We were able to remediate these systems and eliminate that threat from our environment.” The comprehensive correlation and reporting capabilities within ArcSight ESM enable Apollo Group to effectively process billions of security events and maintain compliance with SOX and PCI regulations. “With ArcSight ESM, we now have a very solid solution. It provides us with real-time testable security, as opposed to a reactive model where we would generate and keep nightly reports for analysis,” says Carlson. “With ArcSight ESM, not only can we catch a security event very close to when it happens; we can also prove that we’re doing it.” Looking forward, Apollo Group will continue to integrate, automate and maximize its visibility into what exactly is happening on its network at any given time. It will be aggressively looking at how employees are using the Internet and how malware is coming into the company. “The ability to identify where we’re exposed with malware is going to be very big for us,” says Carlson. “We are extremely pleased to have ArcSight ESM as the basis for our security foundation. Its versatility and raw ability to combat cyberthreats and risk make it an excellent choice.” The ArcSight Impact The University of Phoenix, the company’s largest entity, provides industry-leading education to adult learners. A primary goal of Apollo Group was to match that level of leadership and expertise with a world-class security solution that could discover, analyze and remediate cyberthreats. The University of Phoenix needs to constantly adapt to educational trends and student desires for higher learning, and the IT and IS infrastructure supporting it needs to be nimble enough to keep pace. © Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. All other product and company names may be trademarks or registered trademarks of their respective owners. ESP-CCS030-031911-03, Created August 2011

Recommended

B.tech cloud technology and information security
B.tech cloud technology and information securityB.tech cloud technology and information security
B.tech cloud technology and information securityiNurture Education Solution pvt ltd
 
Owasp o
Owasp oOwasp o
Owasp oSagar Nangare
 
App sec owasp from developers prospective
App sec owasp from developers prospectiveApp sec owasp from developers prospective
App sec owasp from developers prospectiveSecurity Innovation
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskMighty Guides, Inc.
 
Integrated mca cloud technology & information security
Integrated mca cloud technology & information securityIntegrated mca cloud technology & information security
Integrated mca cloud technology & information securityiNurture Education Solution pvt ltd
 
vip_day_2._1130_cloud
vip_day_2._1130_cloudvip_day_2._1130_cloud
vip_day_2._1130_cloudNicholas Chia
 
SplunkLive! Atlanta Mar 2013 - University of Alabama at Birmingham
SplunkLive! Atlanta Mar 2013 - University of Alabama at BirminghamSplunkLive! Atlanta Mar 2013 - University of Alabama at Birmingham
SplunkLive! Atlanta Mar 2013 - University of Alabama at BirminghamSplunk
 
SIEM - Your Complete IT Security Arsenal
SIEM - Your Complete IT Security ArsenalSIEM - Your Complete IT Security Arsenal
SIEM - Your Complete IT Security ArsenalManageEngine EventLog Analyzer
 

Recommended

B.tech cloud technology and information security
B.tech cloud technology and information securityB.tech cloud technology and information security
B.tech cloud technology and information securityiNurture Education Solution pvt ltd
 
Owasp o
Owasp oOwasp o
Owasp oSagar Nangare
 
App sec owasp from developers prospective
App sec owasp from developers prospectiveApp sec owasp from developers prospective
App sec owasp from developers prospectiveSecurity Innovation
 
Strategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskStrategies for Managing OT Cybersecurity Risk
Strategies for Managing OT Cybersecurity RiskMighty Guides, Inc.
 
Integrated mca cloud technology & information security
Integrated mca cloud technology & information securityIntegrated mca cloud technology & information security
Integrated mca cloud technology & information securityiNurture Education Solution pvt ltd
 
vip_day_2._1130_cloud
vip_day_2._1130_cloudvip_day_2._1130_cloud
vip_day_2._1130_cloudNicholas Chia
 
SplunkLive! Atlanta Mar 2013 - University of Alabama at Birmingham
SplunkLive! Atlanta Mar 2013 - University of Alabama at BirminghamSplunkLive! Atlanta Mar 2013 - University of Alabama at Birmingham
SplunkLive! Atlanta Mar 2013 - University of Alabama at BirminghamSplunk
 
SIEM - Your Complete IT Security Arsenal
SIEM - Your Complete IT Security ArsenalSIEM - Your Complete IT Security Arsenal
SIEM - Your Complete IT Security ArsenalManageEngine EventLog Analyzer
 
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksMighty Guides, Inc.
 
Talos threat-intelligence
Talos threat-intelligenceTalos threat-intelligence
Talos threat-intelligencexband
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityMighty Guides, Inc.
 
Hans Bos
Hans BosHans Bos
Hans BosDutch Power
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpointsCisco Canada
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxlior mazor
 
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docxMicrosoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docxARIV4
 
Claroty Award Write Up
Claroty Award Write UpClaroty Award Write Up
Claroty Award Write UpAna Arriaga
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk
 
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology UniversityTop Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology UniversityTopCyberNewsMAGAZINE
 
Company_Profile_Updated_17032016
Company_Profile_Updated_17032016Company_Profile_Updated_17032016
Company_Profile_Updated_17032016Dr. Afnan Ullah Khan
 
Open Threat Management Platform in USA.pptx
Open Threat Management Platform in USA.pptxOpen Threat Management Platform in USA.pptx
Open Threat Management Platform in USA.pptxCompanySeceon
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhereCisco Canada
 
Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networksCisco Canada
 
Security operations center inhouse vs outsource
Security operations center inhouse vs outsourceSecurity operations center inhouse vs outsource
Security operations center inhouse vs outsourceNetmagic Solutions Pvt. Ltd.
 
Security operations center inhouse vs outsource
Security operations center inhouse vs outsourceSecurity operations center inhouse vs outsource
Security operations center inhouse vs outsourceNetmagic Solutions Pvt. Ltd.
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakMarc St-Pierre
 
The Polytechnic of Namibia
The Polytechnic of NamibiaThe Polytechnic of Namibia
The Polytechnic of NamibiaCisco Case Studies
 
IntelAdapt
IntelAdaptIntelAdapt
IntelAdaptMaggie Albrecht
 
What are Blockchain & Tokens and are they useful ?
What are Blockchain & Tokens and are they useful ?What are Blockchain & Tokens and are they useful ?
What are Blockchain & Tokens and are they useful ?Scott Carlson
 
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?Scott Carlson
 

More Related Content

Similar to HP Enterprise Security Customer Case Study - Apollo Group

Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksMighty Guides, Inc.
 
Talos threat-intelligence
Talos threat-intelligenceTalos threat-intelligence
Talos threat-intelligencexband
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityMighty Guides, Inc.
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpointsCisco Canada
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxlior mazor
 
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docxMicrosoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docxARIV4
 
Claroty Award Write Up
Claroty Award Write UpClaroty Award Write Up
Claroty Award Write UpAna Arriaga
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk
 
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology UniversityTop Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology UniversityTopCyberNewsMAGAZINE
 
Open Threat Management Platform in USA.pptx
Open Threat Management Platform in USA.pptxOpen Threat Management Platform in USA.pptx
Open Threat Management Platform in USA.pptxCompanySeceon
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhereCisco Canada
 
Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networksCisco Canada
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakMarc St-Pierre
 

Similar to HP Enterprise Security Customer Case Study - Apollo Group (20)

Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber AttacksLessons Learned: Protecting Critical Infrastructure from Cyber Attacks
Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks
 
Talos threat-intelligence
Talos threat-intelligenceTalos threat-intelligence
Talos threat-intelligence
 
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT CybersecurityPAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
PAS: Leveraging IT/OT - Convergence and Developing Effective OT Cybersecurity
 
Hans Bos
Hans BosHans Bos
Hans Bos
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpoints
 
Splunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout SessionSplunk for Enterprise Security featuring UBA Breakout Session
Splunk for Enterprise Security featuring UBA Breakout Session
 
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptxWhy 2024 will become the Year of SaaS Security Meetup 24012024.pptx
Why 2024 will become the Year of SaaS Security Meetup 24012024.pptx
 
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docxMicrosoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
Microsoft Strategic InitiativeCharls Yang, Yining Xie, Andres .docx
 
Claroty Award Write Up
Claroty Award Write UpClaroty Award Write Up
Claroty Award Write Up
 
Splunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBASplunk for Enterprise Security Featuring UBA
Splunk for Enterprise Security Featuring UBA
 
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology UniversityTop Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
Top Cyber News MAGAZINE. Dr. Bradford L. Sims. Capitol Technology University
 
Company_Profile_Updated_17032016
Company_Profile_Updated_17032016Company_Profile_Updated_17032016
Company_Profile_Updated_17032016
 
Open Threat Management Platform in USA.pptx
Open Threat Management Platform in USA.pptxOpen Threat Management Platform in USA.pptx
Open Threat Management Platform in USA.pptx
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhere
 
Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networks
 
Security operations center inhouse vs outsource
Security operations center inhouse vs outsourceSecurity operations center inhouse vs outsource
Security operations center inhouse vs outsource
 
Security operations center inhouse vs outsource
Security operations center inhouse vs outsourceSecurity operations center inhouse vs outsource
Security operations center inhouse vs outsource
 
OpenText Cyber Resilience Fastrak
OpenText Cyber Resilience FastrakOpenText Cyber Resilience Fastrak
OpenText Cyber Resilience Fastrak
 
The Polytechnic of Namibia
The Polytechnic of NamibiaThe Polytechnic of Namibia
The Polytechnic of Namibia
 
IntelAdapt
IntelAdaptIntelAdapt
IntelAdapt
 

More from Scott Carlson

What are Blockchain & Tokens and are they useful ?
What are Blockchain & Tokens and are they useful ?What are Blockchain & Tokens and are they useful ?
What are Blockchain & Tokens and are they useful ?Scott Carlson
 
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?Scott Carlson
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Scott Carlson
 
DCD Converged Brazil 2016
DCD Converged Brazil 2016 DCD Converged Brazil 2016
DCD Converged Brazil 2016 Scott Carlson
 
Trust But Control: Managing Privileges without killing productivity
Trust But Control: Managing Privileges without killing productivityTrust But Control: Managing Privileges without killing productivity
Trust But Control: Managing Privileges without killing productivityScott Carlson
 
RSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud SecurityRSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud SecurityScott Carlson
 
RSA 2016 Realities of Data Security
RSA 2016 Realities of Data SecurityRSA 2016 Realities of Data Security
RSA 2016 Realities of Data SecurityScott Carlson
 
Will Your Cloud Be Compliant? OpenStack Security
Will Your Cloud Be Compliant? OpenStack SecurityWill Your Cloud Be Compliant? OpenStack Security
Will Your Cloud Be Compliant? OpenStack SecurityScott Carlson
 
Interop Las Vegas Cloud Connect Summit 2014 - Software Defined Data Center
Interop Las Vegas Cloud Connect Summit 2014 - Software Defined Data CenterInterop Las Vegas Cloud Connect Summit 2014 - Software Defined Data Center
Interop Las Vegas Cloud Connect Summit 2014 - Software Defined Data CenterScott Carlson
 
Can Security & Agility Co-Exist
Can Security & Agility Co-ExistCan Security & Agility Co-Exist
Can Security & Agility Co-ExistScott Carlson
 
You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011Scott Carlson
 
Marriage of ESX and OpenStack - PayPal - VMWorld US 2013
Marriage of ESX and OpenStack - PayPal - VMWorld US 2013Marriage of ESX and OpenStack - PayPal - VMWorld US 2013
Marriage of ESX and OpenStack - PayPal - VMWorld US 2013Scott Carlson
 
McAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile Devices
McAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile DevicesMcAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile Devices
McAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile DevicesScott Carlson
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Scott Carlson
 
High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013
High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013
High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013Scott Carlson
 

More from Scott Carlson (15)

What are Blockchain & Tokens and are they useful ?
What are Blockchain & Tokens and are they useful ?What are Blockchain & Tokens and are they useful ?
What are Blockchain & Tokens and are they useful ?
 
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
RSA APJ - BLOCKCHAIN SECURITY – IS IT REALLY DIFFERENT THAN ANYTHING ELSE ?
 
Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?Just Trust Everyone and We Will Be Fine, Right?
Just Trust Everyone and We Will Be Fine, Right?
 
DCD Converged Brazil 2016
DCD Converged Brazil 2016 DCD Converged Brazil 2016
DCD Converged Brazil 2016
 
Trust But Control: Managing Privileges without killing productivity
Trust But Control: Managing Privileges without killing productivityTrust But Control: Managing Privileges without killing productivity
Trust But Control: Managing Privileges without killing productivity
 
RSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud SecurityRSA 2015 Realities of Private Cloud Security
RSA 2015 Realities of Private Cloud Security
 
RSA 2016 Realities of Data Security
RSA 2016 Realities of Data SecurityRSA 2016 Realities of Data Security
RSA 2016 Realities of Data Security
 
Will Your Cloud Be Compliant? OpenStack Security
Will Your Cloud Be Compliant? OpenStack SecurityWill Your Cloud Be Compliant? OpenStack Security
Will Your Cloud Be Compliant? OpenStack Security
 
Interop Las Vegas Cloud Connect Summit 2014 - Software Defined Data Center
Interop Las Vegas Cloud Connect Summit 2014 - Software Defined Data CenterInterop Las Vegas Cloud Connect Summit 2014 - Software Defined Data Center
Interop Las Vegas Cloud Connect Summit 2014 - Software Defined Data Center
 
Can Security & Agility Co-Exist
Can Security & Agility Co-ExistCan Security & Agility Co-Exist
Can Security & Agility Co-Exist
 
You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011
 
Marriage of ESX and OpenStack - PayPal - VMWorld US 2013
Marriage of ESX and OpenStack - PayPal - VMWorld US 2013Marriage of ESX and OpenStack - PayPal - VMWorld US 2013
Marriage of ESX and OpenStack - PayPal - VMWorld US 2013
 
McAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile Devices
McAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile DevicesMcAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile Devices
McAfee Focus 2011 - Security in the Age of a Mobile Workforce and Mobile Devices
 
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
Marriage of Openstack with KVM and ESX at PayPal OpenStack Summit Hong Kong F...
 
High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013
High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013
High Availability OpenStack at PayPal - OpenStack Summit Fall Hong Kong 2013
 

HP Enterprise Security Customer Case Study - Apollo Group

  • 1. Apollo Group HP Enterprise Security Customer Case Study “We are extremely pleased to have ArcSight ESM as the basis for our security foundation. Its versatility and raw ability to combat cyberthreats and risk make it an excellent choice.” —Scott Carlson, Principal Engineer, Apollo Group Data Center Architecture Customer Brief HP Enterprise Security Customer Case Study: Apollo Group, parent company of the University of Phoenix and several other higher education institutions, relies on ArcSight ESM to provide visibility and intelligence into its network and to protect against zero day cyberthreats. Industry: Education Apollo Group, Inc. is one of the world’s largest private education providers and has been in the education business for more than 35 years. The company offers innovative and distinctive educational programs and services both online and on-campus at the high school, undergraduate, master and doctoral levels through its subsidiaries: University of Phoenix, Apollo Global, Institute for Professional Development, College for Financial Planning and Meritus University. The company’s programs and services are provided in 40 states and the District of Columbia; Puerto Rico; Canada; Latin America; and Europe, as well as online throughout the world. Product(s) • rcSight ESM A Business Benefits • rcSight ESM enables Apollo Group to maximize A its visibility and intelligence into its network, and protect against zero day cyberthreats • eeds from numerous vendors are easily F correlated into events, allowing the security team to act immediately • pollo Group can prove it is meeting compliance A requirements and can respond to auditor requests quickly and easily The Apollo Group Challenge Apollo Group is a publicly traded parent company that owns the University of Phoenix and a number of other subsidiaries in the education arena. With 300 physical locations in six countries, 500,000 students, 50,000 faculty and 22,000 employees, Apollo Group has a formidable challenge in securing all its systems, data and endpoints. Apollo Group needed to be able to meet rigorous audit and compliance requirements for regulations such as SOX and PCI. It also aimed to take its security to the next level and do more real-time correlation and alerting of security events across its entire infrastructure. In building a more mature security operations center, Apollo Group required a fully featured threat and risk management system that could deliver. Originally, Apollo Group had deployed a product to address these challenges; however, it failed to meet the organization’s requirements over time and had to be re-evaluated. It simply could not scale along with the
  • 2. pace of business. In a head-to-head competition, ArcSight ESM performed better, offered more features and flexibility, and also ranked highest among industry thought leaders. It quickly became the clear choice. The ArcSight Solution ArcSight ESM enables Apollo Group to increase its visibility and intelligence into its network and protect against zero day cyberthreats. The organization has a diverse population of technologies and security products (McAfee, Blue Coat, Sourcefire, etc.) and the capability of ArcSight ESM to correlate events across all those logs in real time allows it to respond more quickly to risk and threats. With ArcSight ESM, Apollo Group has been able to create unique use cases to identify events specific to its environment. One example is preventing student misuse of Internet resources. When students register for a course, they are required to submit homework and interact with their peers and instructor via message boards contained on the classroom portal. With ArcSight ESM, Apollo Group has the ability to monitor for inappropriate actions and take decisive action before anyone’s reputation is negatively impacted. Apollo Group also specifically protects against data leakage via mobile media. Student loan and other personally identifiable information (PII), for example, must be kept safe. Apollo Group has gone a step beyond usual protocol and has written custom connectors so that employees cannot move that type of data inappropriately through the use of a USB flash drive or email, for that matter. ArcSight ESM features robust capabilities that can proactively detect a vast range of threats and compliance violations, and respond to them in a timely manner. “The ArcSight solution has become the single pane of glass we look through in our information security operations center,” says Scott Carlson, Principal Engineer of Apollo Group Data Center Architecture. “Even with the complexity of adding new data centers, tools and devices over time, ArcSight ESM can handle it,” says Bill Thorn, Senior Manager of IT Services for Apollo Group. “Our ability to respond instantly to incidents as they’re occurring, wherever they’re occurring, is a huge benefit and limits any possible damage.” An important area where ArcSight ESM has helped Apollo Group is in eliminating viruses from the network. Even the latest anti-virus technology cannot catch everything that’s out there. The number of variants is just too great. “Right away, ArcSight ESM helped us identify systems that had updated anti-virus and endpoint protection, but that were still infected,” says Thorn. “We were able to remediate these systems and eliminate that threat from our environment.” The comprehensive correlation and reporting capabilities within ArcSight ESM enable Apollo Group to effectively process billions of security events and maintain compliance with SOX and PCI regulations. “With ArcSight ESM, we now have a very solid solution. It provides us with real-time testable security, as opposed to a reactive model where we would generate and keep nightly reports for analysis,” says Carlson. “With ArcSight ESM, not only can we catch a security event very close to when it happens; we can also prove that we’re doing it.” Looking forward, Apollo Group will continue to integrate, automate and maximize its visibility into what exactly is happening on its network at any given time. It will be aggressively looking at how employees are using the Internet and how malware is coming into the company. “The ability to identify where we’re exposed with malware is going to be very big for us,” says Carlson. “We are extremely pleased to have ArcSight ESM as the basis for our security foundation. Its versatility and raw ability to combat cyberthreats and risk make it an excellent choice.” The ArcSight Impact The University of Phoenix, the company’s largest entity, provides industry-leading education to adult learners. A primary goal of Apollo Group was to match that level of leadership and expertise with a world-class security solution that could discover, analyze and remediate cyberthreats. The University of Phoenix needs to constantly adapt to educational trends and student desires for higher learning, and the IT and IS infrastructure supporting it needs to be nimble enough to keep pace. © Copyright 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. All other product and company names may be trademarks or registered trademarks of their respective owners. ESP-CCS030-031911-03, Created August 2011