Staying resilient when the world changed overnight
Wanting to meet ever-increasing cybersecurity threats with expanded security capabilities, Cal Poly began its cloud journey in 2016. Though the university began to benefit from the agility that the cloud provides, its infrastructure also became more complex, limiting the ability to see into systems and fix issues quickly. Now with the Splunk platform, the university has visibility into its systems, correlating over 105GB of data from disparate sources each day to fight threats and strengthen Cal Poly’s security posture. “Data is instrumental in our day-to-day business of security. If we didn't have that visibility that Splunk provides us on a daily basis, we would just be flying blind,” Lomsdalen says.
This visibility was especially critical during the pandemic, when the university was forced remote virtually overnight and any blindspots could have proved catastrophic. With Splunk’s tools, the team quickly and seamlessly went remote, and each staff member still had critical, real-time visibility into Cal Poly’s security posture.
Student learning remains front and center at Cal Poly — pandemic or not — and student employees, under the supervision of senior staff engineers, play a key role in the university’s security operations by designing, building and monitoring the Splunk dashboards that pull in critical information about the university’s security posture. When the university went remote, it was vital the students continued to have access to the data they needed, whether they were in their dorm or at their kitchen table. With Splunk, the data remained at their fingertips. “Because the data never really left campus, students could still access all the tools and log sources to operate a secure environment,” says Lomsdalen. During this challenging time, students experienced the importance of cybersecurity first-hand — and protected the university at the same time.