When Michael Gabriel joined Career Education Corp. in February 2004, he knew he needed a business case to justify an overhaul to the educational services company's information security program. Looming Sarbanes-Oxley Act (SOX) compliance deadlines provided just that for the CISO, but that initiative was only the start of a thorough security management program that continues to this day.

 Other stories on this topic

Buyer’s Guide: unified threat management

Read the latest WhitePaper - Protecting Data on Laptops: Why Encryption Isn't Enough

New ways to protect data from insider attack

Career Education Corp. adopts data-leak prevention strategy

Story tools

E-Mail article
Print article
Contact author	Reprint
AIM article	del.icio.us
Reddit	Digg
Stumble	Slashdot It!

CEC, in Hoffman Estates, Ill., had grown tremendously over the previous five years, becoming what in 2004 was a $1.7 billion company. Following this boom, it needed to formalize controls and get a handle on its security infrastructure to enable uninterrupted growth going forward, he says.

"The immediate need was [SOX], but when I did further analysis . . . the remediation projects that needed to get done ran the gamut from security policy to change-control to incident-response awareness and security monitoring," Gabriel says.

CEC earns its place among the 2007 Enterprise All-Stars for its smart adoption and implementation of security information management (SIM) technology. With netForensics' nFX Open Security Platform (OSP) Version 3.4 software, CEC automates security and other logs from some 10 firewalls, 10 prevention systems, 12 domain controllers and all Cisco devices. In addition, by integrating Rippletech's RippleTech Informant Version 1.0 into the netForensics rollout, Gabriel can collect logs from six Microsoft databases. No software on the actual data source is required.

Among the many benefits of CEC's estimated $400,000 investment are SOX compliance and comprehensive reporting, combined external and internal threat management, improved security-threat response time, and increased ROI on IT resources. CEC invested $100,000 to $200,000 initially in the security-management software and plans to add another $100,000 to $200,000 later this year to augment the project and expand to a second data center.

"It's hard to quantify in hard figures, but if we had not been able to use this technology we would have had to invest in a systems administrator to do this work; and from a security standpoint, we wouldn't have such visibility into our entire environment," Gabriel says.

Gabriel started at CEC during what he describes as a whirlwind. "There wasn't a lot of time to do extensive bakeoffs. I needed to get this project underway," he says.

Fortunately, Gabriel had heard from peers about SIM products from such vendors as ArcSight and netForensics. Because scalability was a top concern, he decided on netForensics, which had a proven success record in large government environments. The vendor's back-end capabilities -- large-volume data-collection and -correlation -- resonated with him. He says he would pass on a pretty GUI in favor of power on the back end any day.

It's not that netForensics, which has just added a collector for Microsoft Windows platforms to its product portfolio, didn't have a good GUI. Gabriel found the product most accurately addressed CEC's needs, especially considering the fortuitous addition of the Windows module. "We were one of the first customers for that," he says.