The Nevada Department of Transportation (NDOT) has wide-spanning responsibility: the organization oversees the maintenance and repair of 5,400 miles of highway and over 1,000 bridges that comprise Nevada’s highway system. NDOT also manages the state’s 511 system, which enables citizens to share updates on road conditions and delays caused by construction or natural events like rock slides. Furthermore, the department maintains a statewide video camera network that allows motorists to view traffic levels prior to travelling. With all these roadways to take care of on top of other critical duties, NDOT deals with huge amounts of big data; as such, they are tasked with the responsibility of ensuring the security of this information.
Recently, NDOT’s Information Security Officer (ISO) realized that better reporting from the department’s Internet content filtering solution was key to documenting web activity, which in turn would help her team recognize and respond to suspicious and malicious activity. The ISO believed that many employees thought that hackers were only motivated to steal information that they could monetize and, therefore, NDOT was not at risk. However, she knew that hackers from rogue nations and elsewhere seek to cause economic and social disruptions, which makes NDOT, a department responsible for transportation infrastructure, a prime target for causing unrest. NDOT’s ISO hoped that being able to show attempted attacks and weaknesses would serve as a wake-up call to the agency’s employees and stakeholders.
Upon learning about data visualizations with Splunk, the NDOT team used the Splunk dashboard editor to build two dashboards to graphically present and manage logs for diagnosis and troubleshooting. One dashboard captured logs from the department’s web and FTP servers to track security events. The other collected data from servers, switches, routers, and firewalls throughout the network to inform staff of events like errors, time-outs, crashes, and alerts. Once NDOT began sending data into Splunk, they immediately gained operational visibility into security and IT/Ops issues that had previously taken countless, laborious, and tedious man-hours to resolve. In sum, root cause analysis was sped up and simplified.
For example, on the same morning that Splunk was installed, the team realized that someone overseas was attempting to use a misconfigured networked device to access the agency’s information systems. Thanks to this visualization, NDOT’s firewall was correctly reconfigured that afternoon to deny such outside connections, plugging what could have been a costly security hole for the department. This finding enabled the ISO to impede the many attempts by hackers to penetrate NDOT’s network as well as bolster the agency’s defense systems.
Beyond security, Splunk has helped resolve other key troubleshooting difficulties within the NDOT network, which has resulted in huge cost savings. In another instance, a large color printer and copier had become extremely costly to own because of its consumption of color ink. The IT team felt it was necessary to replace the expensive device with multiple inkjet printers to reduce costs. To determine if this action was actually necessary, staff collected printing logs within Splunk. They found that the printer’s default setting was color rather than black and white, causing excess use of the color cartridges. Simply resetting the printer turned out to be more cost-effective than replacing it with multiple inkjet printers. They even identified the printer’s heaviest users to curtail their usage and further lessen costs.
Using Splunk, NDOT has found operational efficiencies that have helped to extend budgets, realized the steps necessary to correct and fortify its cybersecurity network, and turned the agency from reactive to proactive. To learn more about how Splunk has helped NDOT improve public safety and extract value from NDOT, download the full case study here. And if you’d like to see Splunk first-hand, check out the Splunk Discovery Day and SplunkLive! events to find a location near you.