From Daily Workflows to Disaster Recovery
At Raymond James, the security, engineering and operations department is responsible for network security, infrastructure security, and reporting and monitoring. According to Kevin Lane, a Raymond James security engineer, “With our previous platform, we wanted more consistent data, to correlate events across multiple systems and log types, and to decrease our time to resolve IT and security investigations.”
A proof of concept (POC) enabled the team to determine that Splunk Cloud met its requirements, including increased query speed. “When you’re doing investigative work for security reasons, you want to resolve incidents quickly,” Lane says. “Certain queries over a month used to take about 48 hours to return, and then we ran the same query in Splunk Cloud, and it took approximately 30 minutes.”
“In the financial services industry, getting the right information, being able to correlate and search through data quickly is very beneficial to us,” says Lauren Deren, security engineering and operations manager at Raymond James.
With Splunk Cloud, Raymond James would not have to purchase additional on-premises hardware and keep it up to date. It was also very important to the team that they would not have to set up an entirely new business continuity management and disaster recovery (BCP-DR) infrastructure. “With Splunk Cloud, our infrastructure is dynamic. We can lean on those resources and save manpower and a lot of time,” shares Deren.