The Objective
Revamping IT Infrastructure for a large-scale corporation spread across industries
The Challenge
Operating on a large scale across diverse verticals, the client had specific challenges to overcome in their IT infrastructure:
Give privileged users such as engineers, IT auditors, database and systems admins, developers and data center managers the flexibility to access, modify or delete sensitive corporate data and audit logs.
The Solution
Inspira proposed a smart solution: setting up a SIEM/SOC process to overcome the challenge. This configuration provided preconfigured alerts when:
- An account, group or privilege was added or modified.
- A dormant account was used, or its use was attempted.
- A DoS attack by account deletion occurred.
- New account use was detected.
- Suspicious privileged activity occurred.
- An account was created and deleted within a short period of time.
Key Benefits
The aggregation and analytics performed through the SIEM/SOC helped the client identify user behavior patterns that deviated from normal. The client also received timely reports about privileged user activities across security domains.
The Result
Inspira’s consolidated technologies efficaciously supported the client’s infrastructure with Remote SOC and SIEM Monitoring.