Medical Mutual of Ohio Gains Access to Vital Security Data Via Syncsort Ironstream and Splunk Enterprise
April 27 — Syncsort, a global leader in Big Data and mainframe software, today announced Medical Mutual of Ohio is using Syncsort’s unique Ironstream software to make mainframe security data available in real time to the Splunk Enterprise platform to help protect customer information stored in DB2 from unauthorized access.
Now, Medical Mutual is able to see previously hard-to-access mainframe data, alongside other security information it was already analyzing in Splunk Enterprise. Splunk Enterprise enables a consolidated enterprise-wide view of machine data collected across the business, which makes it possible to correlate events that might not raise suspicion alone, but could be indicative of a threat when seen together.
“Medical Mutual of Ohio has been using Splunk Enterprise to monitor unauthorized access on distributed systems,” said Craig Fox, Security Specialist at Medical Mutual of Ohio. “Now by adding mainframe data provided by Ironstream into Splunk Enterprise, we finally have a real-time, 360-degree view that enables us to correlate all of our security data from across the enterprise and gain visibility into user-authentication data and access attempts tracked on the mainframe.”
With Ironstream leveraging Splunk Enterprise, Medical Mutual has now implemented what’s known as a Big Iron to Big Data security strategy enabling them to:
- Track security events and data from multiple platforms including IBM z/OS mainframes, Windows and distributed servers and correlate the information in Splunk Enterprise for better security.
- Diagnose and respond to high severity security issues more quickly since data across the entire enterprise is being monitored in real time.
- Provide monthly and daily reporting with an up-to-the-minute account of unusual user activity.
- Detect security anomalies and analyze their trends – the cornerstone of Security Information and Event Management (SIEM) strategies.
“We have been impressed with the Splunk platform’s ability to handle massive amounts of data from different formats and indexes and to decipher and correlate security events through analytics,” continued Fox. “Now, with Ironstream, we can also stream mainframe security data for even greater insights. Our mainframe team is also satisfied with Ironstream’s low overhead, which keeps mainframe processing costs low.”
Organizations can download a free Ironstream Starter Edition and begin streaming z/OS Syslog data into Splunk solutions. Unlike typical technology trials, the Starter Edition is not time-limited and may be used in production at no charge. This includes access to the Ironstream applications available for download on Splunkbase.
Syncsort provides enterprise software that allows organizations to collect, integrate, sort and distribute more data in less time, with fewer resources and lower costs. Thousands of customers in more than 85 countries, including 87 of the Fortune 100 companies, use our fast and secure software to optimize and offload data processing workloads. Syncsort software provides specialized solutions spanning “Big Iron to Big Data,” including next gen analytical platforms such as Hadoop, cloud, and Splunk. For over 48 years customers have turned to Syncsort’s software and expertise to dramatically improve performance of their data processing environments, while reducing hardware and labor costs. Experience Syncsort at http://www.syncsort.com.
About Splunk Inc.
Splunk Inc. (NASDAQ: SPLK) is the market-leading platform that powers Operational Intelligence. We pioneer innovative, disruptive solutions that make machine data accessible, usable and valuable to everyone. More than 11,000 customers in over 110 countries use Splunk software and cloud services to make business, government and education more efficient, secure and profitable. Join hundreds of thousands of passionate users by trying Splunk solutions for free: http://www.splunk.com/free-trials.