Keystart Improves Productivity and Ensures Compliance Remains Paramount With Splunk

keystart

Executive Summary

As a privately run, government-owned mortgage provider based in Western Australia, Keystart helps address housing affordability in Perth and the wider state. Now in its thirtieth year of operation, the organization employs 130 people and manages a portfolio valued at over 5 billion dollars. Over the last three decades, Keystart has helped over 120,000 people into their first home when they would otherwise have been ineligible.

Keystart supports customers across numerous data-driven channels, adhering to specific legal requirements to ensure compliance within government standards. To ensure data security while enhancing customer experiences, Keystart deploys Splunk® technology to:

  • Enhance security measures through a unified view of systems
  • Reduce cost and resources in managing large data sets
  • Help monitor compliance against security standards
  • Decrease incident response time by 75% through a centralized platform

Expanding Access to Data

Before deploying Splunk, Keystart developed a custom, in-house solution for security log collection, management, alerting and reporting — a task that took away valuable time from the security team. “With no formalized security programs or systems, there was no concise and efficient way to aggregate log data and events, monitor network infrastructure and firewalls, and produce alerts on detected anomalies,” says Sean Smart, Information Security Officer at Keystart. “There was some good security hygiene due to being within the finance vertical, but no real structure. It became increasingly important to establish a SIEM to assist with meeting our Information Security Management System (ISMS) objectives, along with policies and procedure suites.”

Challenges
  • Limited staff in the security team
  • Lack of formalized and unified security programs or systems
  • Strict auditing process and compliance requirements

Centralizing View Across Systems

Keystart wanted the ability to check logs frequently — auditing upwards of 2 million events per day. The team quickly realized that there could be expensive implementation costs and heavy resourcing hours to effectively manage the large security data sets of the business.

Splunk provided Keystart with a flexible and cost-effective solution which enabled them to bring on a few critical systems, proxy logs, firewall logs and authentication logs. Keystart implemented Splunk Enterprise, which has helped replace and retire legacy systems while unifying data in one place.

Business Impact
  • Increases productivity in the operational space
  • Enables consistent and unified view across systems
  • Reduced time on incident response by 75%
Increasing Productivity and Improving Customer Experience

“In addition to improving customer experience, Splunk has provided tangible productivity benefits and assisted the business with our strict compliance obligations,” Smart explains.

He adds that Splunk has helped streamline Keystart’s investigation process and significantly reduce manual processing time. “Not having to log into multiple systems and being able to use a consistent search language, it makes that response much quicker.”

Reducing Incident Response Time by 75%

“Keystart knew the benefits of Splunk based on prior research, and I was glad to verify that it was accurate. We’ve since realized just how much time we’ve saved on incident response, reducing it by 75%,” says Smart. Keystart has achieved greater confidence in compliance as well as cost savings and increased productivity. As a mortgage provider owned by the Western Australian government, Keystart continues to balance the needs of its many customers with the necessity to stay compliant.

By relying on Splunk, many of these key areas are automated, meaning the focus can shift from day-to-day management to improving and optimizing the business. Since Splunk’s current applications have been immediately successful, Keystart is exploring additional Splunk use cases throughout the organization, such as using Splunk for business analytics and as a business intelligence tool.

Prior to Splunk, I had to internally write some applications to get a comprehensive overview of our siloed system. Now with Splunk’s alerts and a unified view across systems, we’ve reduced incident response time by 75% and increased our productivity at least four-fold."
— Sean Smart, Information Security Security Officer, Keystart
Industry: Financial Services
Do More With Splunk