Flinders University needed more visibility over its data, and the university’s manual troubleshooting investigations around potential security breaches often provided more questions than answers.
With monitoring tools from Splunk, Flinders University ensures the safety and security of staff and students while providing actionable insights and higher fidelity notifications for prompt, meaningful decisions.
Creating a secure environment for students can be a unique challenge.
Flinders University, a research university in Adelaide, South Australia, serves over 25,000 students and offers a diverse array of activities and areas of study. Lauded in particular for its strong medical, science and defense programs, Flinders University is proud to be an early adopter of new technologies. With thousands of students and staff accessing systems both from campus and remotely, having strong cybersecurity and identity management was a core focus for the university’s IT team. Splunk has provided more visibility into the institution’s networks than ever before, improving security measures for user activity and offering easy, detailed monitoring solutions to keep student and staff information safe from attacks.
Acing Adaptability to Reach Maximum Efficiency
Splunk is an essential security and response solution for Flinders University. According to information security specialist Lachlan Johnson, the cybersecurity team is small and operates with limited resources — so having the right tools is vital. “Splunk is important for visibility. It puts everything we need into one place, and it’s incredibly clear how to build dashboards,” says Johnson. “I look at Splunk as an additional member of our team that’s looking for things when we’re not, which means higher efficiency.”
The data Splunk provides helps the team identify a problem and understand a clear course of action to solve it. Whereas previously, it could take days until the team even discovered an issue, alerts are instant with Splunk. “You can act on the data anywhere immediately, as opposed to needing to log into multiple systems and spend time bringing data together,” says Johnson. Since a user only needs to press one button to see the data, teams can respond to alerts in minutes instead of hours. This empowers the university to make informed decisions quickly and instills confidence that the information security team has things under control.
"The Splunk dashboard is a popular way to deliver content to the other stakeholders we collaborate with across the university so they can see the data in real time,” says Kim Valois, chief information security officer at Flinders University. “Splunk is used for more than just security, including monitoring network Wi-Fi usage, tracking volumes in the parking facility, measuring class participation and understanding the volume of attendees on open days, when we welcome prospective students to experience campus firsthand before they enroll.”
Early Adoption Leads to Stronger Security
Being at the forefront of new technologies is critical for Flinders University to stay competitive and keep its systems secure. With more students and staff studying and working remotely than ever before, as well as the evolving cyberthreat landscape, the team became early adopters of Okta. As such, single sign-on (SSO) and multifactor authentication (MFA) enablement were important integrations for Flinders University over the last year.
“When we rolled out the Okta integration, Splunk provided great visibility into usage off the bat, leading to an explosion of meaningful dashboards and reporting, including monitoring how many people were on campus during COVID recovery, and looking at VPN usage as the workforce moved remote. This enabled the vice-chancellor to see the trend of staff and students coming back on campus and put him in a position to coordinate the university’s response,” says Johnson. “Splunk really allowed us to ramp up the reporting and alerting side when we joined the two systems together.”
Staying Agile for Continued Success
As part of the university sector, Flinders University has to juggle a lot of requirements, including a detailed privacy plan, insurance coverage, certain industry standards and external audits by state and commonwealth governments. But the institution also requires a flexible security architecture without imposing a one-size-fits-all approach. Along with keeping its staff and students secure after an unprecedented year, the university must be able to respond to security threats quickly and confidently.
“Safely monitoring what people are doing on systems and integrating that with identity access management is important,” says Valois. “Splunk is friendly for users of varying skill sets from across campus. Now we can determine what good security and monitoring looks like and implement it faster.”
Flinders University initially implemented Splunk to expand visibility and unify systems. But as the university’s technology decisions have evolved, the Splunk platform has met its changing needs, providing security monitoring, identity management, endpoint control and more. Moving forward, Flinders University plans to continue expanding use of the Splunk platform, making it available to more stakeholders and further cementing Splunk as a valuable member of this forward-thinking team.