Keystart Improves Productivity and Ensures Compliance Remains Paramount With Splunk

Executive Summary

As a privately run, government-owned mortgage provider based in Western Australia, Keystart helps address housing affordability in Perth and the wider state. Now in its thirtieth year of operation, the organization employs 130 people and manages a portfolio valued at over 5 billion dollars. Over the last three decades, Keystart has helped over 120,000 people into their first home when they would otherwise have been ineligible.

Keystart supports customers across numerous data-driven channels, adhering to specific legal requirements to ensure compliance within government standards. To ensure data security while enhancing customer experiences, Keystart deploys Splunk® technology to:

• Enhance security measures through a unified view of systems
• Reduce cost and resources in managing large data sets
• Help monitor compliance against security standards
• Decrease incident response time by 75% through a centralized platform

Expanding Access to Data

Before deploying Splunk, Keystart developed a custom, in-house solution for security log collection, management, alerting and reporting — a task that took away valuable time from the security team. “With no formalized security programs or systems, there was no concise and efficient way to aggregate log data and events, monitor network infrastructure and firewalls, and produce alerts on detected anomalies,” says Sean Smart, Information Security Officer at Keystart. “There was some good security hygiene due to being within the finance vertical, but no real structure. It became increasingly important to establish a SIEM to assist with meeting our Information Security Management System (ISMS) objectives, along with policies and procedure suites.”

Centralizing View Across Systems

Keystart wanted the ability to check logs frequently — auditing upwards of 2 million events per day. The team quickly realized that there could be expensive implementation costs and heavy resourcing hours to effectively manage the large security data sets of the business.

Splunk provided Keystart with a flexible and cost-effective solution which enabled them to bring on a few critical systems, proxy logs, firewall logs and authentication logs. Keystart implemented Splunk Enterprise, which has helped replace and retire legacy systems while unifying data in one place.

“In addition to improving customer experience, Splunk has provided tangible productivity benefits and assisted the business with our strict compliance obligations,” Smart explains.

He adds that Splunk has helped streamline Keystart’s investigation process and significantly reduce manual processing time. “Not having to log into multiple systems and being able to use a consistent search language, it makes that response much quicker.”

“Keystart knew the benefits of Splunk based on prior research, and I was glad to verify that it was accurate. We’ve since realized just how much time we’ve saved on incident response, reducing it by 75%,” says Smart. Keystart has achieved greater confidence in compliance as well as cost savings and increased productivity. As a mortgage provider owned by the Western Australian government, Keystart continues to balance the needs of its many customers with the necessity to stay compliant.

By relying on Splunk, many of these key areas are automated, meaning the focus can shift from day-to-day management to improving and optimizing the business. Since Splunk’s current applications have been immediately successful, Keystart is exploring additional Splunk use cases throughout the organization, such as using Splunk for business analytics and as a business intelligence tool.