Overcoming data challenges for state and local government and education with Elastic

With the surge of endpoints and growing demands for access to data, public sector organizations have seen an increase in security threats since the onset of the pandemic. Against this backdrop, Elastic gathered industry leaders to learn how to manage these challenges and demands and build a path toward the future. The recent State and Local Government & Education ElasticON Public Sector event showcased the tech solutions that are delivering for constituents, faster. What should organizations keep top of mind to achieve these goals? Presenters focused on these takeaways:

  • Regardless of the size or purpose of your organization, the volume of data at your disposal will increase. Having the tools to analyze that increased data load and to adapt processes at speed and scale will be critical for efficiency and effectiveness in the future. 
  • Whether your focus is to enable business visibility, optimize infrastructure and applications, or protect your digital ecosystem, the power of search is the catalyst for becoming an insights-driven organization.
  • Small cybersecurity and IT teams require a consolidated, unified analyst experience rooted in security and observability in order to protect the large number of devices, employees, endpoints, and log data in their purview. 
  • As technology is spread across numerous jurisdictions, counties, and institutions, organizations are facing challenges with speed, networking, accessibility, tracking, and data security. 

To address these challenges, Elastic bridges the gap between silos, organizations, and domains to proactively detect, analyze, and act on threats before they put the institution at risk. And the latest Elastic releases make our capabilities more responsive than ever to the requirements of public sector projects. But don’t just take our word for it. Using the highlights below as a guide, learn how organizations across state and local government and education are leveraging Elastic to quickly analyze data, unify intelligence, and standardize datasets. 

Using a risk-based approach to provide cost-effective security

This unified view of data, threats, and risk was the main focus of the presentation by Blaine Stubstad (Senior Information Security Engineer) and Adam Pena (Senior Security Engineer) from the State of Arizona Enterprise Security team. Inundated with large amounts of data to analyze across numerous regulatory frameworks, employee devices, and agencies, and constrained by fiscal budgetary cycles, the team undertook a proof of concept with the goal of increasing the automation and reporting capabilities of its risk assessment and threat intelligence process. Using Elastic, they produced more accurate assessments and models of cybersecurity threats. 

Tales from a security specialist in Salt Lake County

Cybersecurity has evolved quite a lot since Chris Adamson, Information Security Engineer with Salt Lake County, was tasked with starting to collect logs in 2015. What began as proofs of concept on several different solutions has since grown, through tinkering, into a five-node Elastic cluster. After years of expanding with Elastic, Salt Lake County has refined its dashboards to focus only on what is important to the team, with logs consolidated in one place. What took hours and days now takes seconds with Elastic. And what was once a looming threat of phishing and ransomware has turned into an effective defensive posture of “mines and tripwires” to alert the team of attacks.

Increased visibility: Opening the black box of networks

For Oregon Health and Science University (OHSU) network architect Alexander Germain, the challenge of connecting the many facets of campus and research networks across a state was time-consuming and cumbersome. By implementing Elastic and ElastiFlow, the OHSU team is now able to see and fix performance and security issues before users become aware of them. Increased visibility also helped OHSU detect security threats and address weaknesses in network infrastructure. The flexibility of this approach made it applicable to a wide variety of use cases: visualizing external threats, conducting security investigations, troubleshooting, and getting insights into complex systems.

Elastic Security in action

For academic institutions, the need to secure vast amounts of user, behavioral, and endpoint data is constant, and the teams charged with securing that data are all too often small. In this session, Kevin Wilcox, Information Security Specialist from Appalachian State University, and Tyfanie Wineriter, Database Administrator at The University of Oregon, discuss the challenges of data security and the pressing need to search, analyze, and act on countless alerts each day. Using Elasticsearch, higher ed can do more with the teams, data, and requirements they have to create a proactive defense that produces actionable fixes, quickly.

Continue the conversation 

Whether you were able to join us live or not, we want to help you keep the learning and community connections alive. We’re always happy to put you in touch with other public sector users to discuss use cases. Email us at sled@elastic.co directly or join in the Elastic Public Sector Slack workspace, an online forum dedicated to the US public sector community. 

And for those wanting to fully dive into the ElasticON experience, all sessions from the day are now available on demand, highlighting how Elastic capabilities are meeting challenges and use cases from the field — no matter your charter and no matter when you need them.