Intel won't disclose how much it spent on the SBI platform, but enterprise architect Stacy Purcell says its capacity for identifying suspicious activity enables the security team to respond to threats rapidly.
Data+ Awards: Intel uses BI to quickly contain and remediate security threats
A platform built for big data parses 1 million events per second.
Computerworld - Following two security lapses several years ago, Intel executives pushed for an information security overhaul. But at a company with more than 100,000 employees in 63 countries, deploying a system capable of detecting, reporting and responding to suspicious activity meant gaining insight into a massive enterprise IT architecture -- and that was a big challenge.
So Intel used big data technologies when it built its Security Business Intelligence (SBI) platform. A key component of the company's "Protect to Enable" enterprise security strategy, the SBI system collects, aggregates and analyzes data from all corners of the enterprise as it keeps an eye out for things like unauthorized data transfers and advanced persistent threats.
"We have a big data environment, so we had to design a solution to accommodate that," says enterprise architect Stacy Purcell.
Michael Suby, an analyst at Frost & Sullivan, says many large organizations are using big data to improve their IT security. "Conceptually, it should help Intel in fortifying their environment, identifying threats as they're occurring and mitigating those threats," he says.
Deployed in 2012, the SBI platform uses a combination of custom-built and off-the-shelf hardware and software to collect, store and analyze data from servers, databases and other systems.
A common logging service collects and parses event and contextual data at a rate of more than 1 million events per second; it also supports report generation and workflow automation.
The SBI platform has advanced analytics functionality, making it possible to drill down into selected anomalies to make inferences that help investigators to identify the cause of abnormal activity.
With an average of more than 6 billion new logged events a day, Intel's team of operations, engineering, architecture and privacy experts needed tools that could handle the volume easily enough to contain and remediate threats in a timely manner.
"Without this capability, we couldn't even answer basic questions like, 'How big a problem is X in our environment?'" Purcell says. "It's game-changing for us in that we can create solutions in response to risks."