Case Study

Maryland Lottery and Gaming Control Agency Bets on Splunk

Executive Summary

Public sector IT leaders face the challenge of ensuring secure operations while also meeting significant compliance mandates with limited budgets and staff. The Maryland Lottery and Gaming Control Agency (MLGCA) operates the state lottery and serves as regulator of the state’s six casinos. The MLGCA oversees lottery and gaming activities that generate more than $1 billion in annual contributions to the State of Maryland. The agency deployed Splunk Enterprise as part of an effort to modernize its IT operations. Since that deployment, the MLGCA has saved up to six hours a week on compliance tasks, has improved its security posture and has seen additional benefits, including:

  • Enhanced security for sensitive data
  • Real-time, self-service compliance reporting for auditors
  • Improved security monitoring for the IT team and chief information officer
  • Improved anomaly detection to quickly identify and prevent security breaches
Challenges
    • Identify potential anomalies faster, to detect and prevent security breaches
    • Reduce the time and effort needed to ensure compliance
    • Discover and report on root causes of IT issues
Business Impact
    • Protect sensitive data and agency reputation
    • Provide real-time compliance reporting for auditors and security monitoring for the IT team and CIO
    • Enable the IT staff to improve speed and efficiency in responding to issues

Why Splunk

In Maryland, every prospective casino employee must pass a background investigation prior to receiving a gaming license. These investigations require access to federal and state criminal records, and the MLGCA must meet specific criteria regarding the security of the database used in this licensing process. The agency also needs to document IT processes every week to meet audit requirements pertaining to systems, firewalls and network devices, as defined by Maryland’s Office of Legislative Audits.

Prior to adopting Splunk Enterprise, the agency spent several hours each week manually monitoring these processes. The IT staff researched new solutions to automate and modernize security operations and selected Splunk Enterprise, based on its reputation as a market leader.

“We’re in a much better place now,” says MLGCA Chief Information Officer Jeff Patchen. “The alerts and dashboards in Splunk Enterprise give me much higher confidence in our security posture.”

“We’re in a much better place now. The alerts and dashboards in Splunk Enterprise give me much higher confidence in our security posture.”



Jeff Patchen,
CIO, Maryland Lottery and Gaming Control Agency

Putting IT in control

MLGCA’s IT staff are tasked with managing an environment that consists of more than 40 virtual machines. Implementing Splunk Enterprise has provided Patchen and his staff with visibility that is especially critical when dealing with the type of sensitive data that the agency needs to collect. Splunk Enterprise also helps protect against internal misuse.

“It provides an excellent level of control,” Patchen says. “If somebody is doing something they shouldn’t be doing it gets captured within Splunk. Then I have some oversight reporting that I can use as evidence of what occurred.”

The MLGCA’s deployment of Splunk Enterprise has also freed up internal IT resources. According to Patchen, the agency has reduced the time and effort spent on manual tasks, saving on average four to six hours weekly. Moreover, state auditors had not previously had access to self-service reports with realtime visibility now generated via Splunk Enterprise.

By automating essential processes, the agency’s IT staff can respond faster to events that might indicate a security breach, and more efficiently maintain and improve the MLGCA’s overall security posture. Patchen emphasizes the immeasurable value of having a real-time security snapshot.

“How do you quantify the insight into some of these events that we proactively catch?” he says. “Splunk is helping us to detect potential breaches before they turn into actual breaches that could cost the agency millions of dollars and become public relations nightmares.”

“How do you quantify the insight into some of these events that we proactively catch? Splunk is helping us to detect potential breaches before they turn into actual breaches that could cost the agency millions of dollars and become public relations nightmares.”



Jeff Patchen,
CIO, Maryland Lottery and Gaming Control Agency

Splunk adoption spreads

The MLGCA’s use of Splunk Enterprise is moving beyond the IT department. Patchen says he is evaluating ways to employ Splunk Enterprise to generate business insights that can be used by the state lottery’s sales division to better target specific geographies. Key to that effort are the self-service capabilities that Splunk Enterprise enables.

While the MLGCA is still exploring the full potential of Splunk Enterprise, Patchen says the software has already proved beneficial. “Splunk gives us easy visibility into our operation without having to rely on staff to sit down and manually cobble together reports on a weekly or daily basis,” Patchen says. “We don’t have to wait days to get something that we may want to know right away.”

“Splunk gives us easy visibility into our operation without having to rely on staff to sit down and manually cobble together reports on a weekly or daily basis. We don’t have to wait days to get something that we may want to know right away.”



Jeff Patchen,
CIO, Maryland Lottery and Gaming Control Agency