A global logistics company had a huge inflow of security log data from multiple sources and they wanted to strengthen their security by drawing insights from it. On the advice of HCLTech, a longstanding partner in their managed services program, they leveraged the data analytics capability of the Google Cloud Platform.
Drawing insights from a massive inflow of data
Data, the lifeblood of organizations, is being generated on an exponential scale — so much so, in fact, that locating, classifying and analyzing it is a significant challenge for many businesses. In this case, our client had over 20GB of security log data flowing in every day from 25 different sources. The volume of this data inflow from its various cybersecurity systems was expected to double to nearly 50GB each day over the next three to four months, yet the client's existing on-site systems were unable to analyze any of it in a meaningful way to gain insights that would help improve its security posture.
Migration of on-premises systems to Google Cloud
Our client wanted to ingest this massive amount of data to improve their security systems. To do this, they needed an advanced data analytics platform that could slice the data, analyze it to track anomalies and better visualize areas of concern through AI/ML. Google Cloud was the obvious choice, with BigQuery, Looker analytics and AI/ML capabilities, because it would give them a better and more comprehensive perspective on how to strengthen the security system.
Advanced analytics and AI/ML for anomaly detection on Google Cloud
HCLTech delivered the technology transformation and enabled the migration of the on-premises source systems and applications to the Google Cloud Platform. The solution covered real-time data ingestion with batch and history data loading, data processing and data analytics features. AI/ML solutions were designed to manage and monitor high-risk events and alerts.
Using Google Cloud Platform Machine Learning, AI/ML models were developed to leverage Privileged User Behavior Analytics (PUBA) for anomaly detection. In addition, data lakes and data marts were developed leveraging the AI/ML models. The engagement, which began with simple use cases, quickly expanded into more mission-critical areas as the ease of visualizing desired elements from the data significantly improved.
Stronger security through real-time insights plus cost savings
Empowered with real-time insights and advanced analytics, our client immediately saw significant benefits from the migration. Google Cloud’s analytics provided insights that were not previously visible in the on-premises systems. The transformation helped the company gain a better understanding of anomalies, threat intrusions and areas of concern such as fraudulent logins. These insights enabled better anomaly detection and threat detection across the company’s global network.
The migration to Google Cloud also provided relief from the huge costs of the previous on-premises landscape. It created a faster, more flexible model that enabled 15% savings in cost and effort. In addition, the team’s proactive approach to utilizing Google Cloud best practices led to $25,000 in monthly savings through cost optimization.
The positive impact resulted in an ongoing fine-tuning of the company’s security systems across the world. In view of its vast benefits, the program has been extended for another two years.