Expert Threat Detection… on a Budget
It’s a myth that hackers only go after large organizations. Criminals are opportunistic. They are constantly scanning to find network vulnerabilities wherever they can. Regardless of the size of your municipality, you are at risk.
One of the best ways to quickly identify malicious activity on your network is log analysis. But it can be an overwhelming task, especially for small teams. This was true for three Iowa counties who decided to band together and find a solution.
A Collaborative Approach
Sioux County, Iowa, has used the Center for Internet Security’s Top 20 Critical Security Controls, which includes log analysis, to help prioritize network security for years. “We generate millions of logs each day and didn’t have the time or expertise to review all of them,” says Micah Van Maanen, information technology director for the county. “But we knew that it was extremely important to know what was happening in those logs, so we had to find a solution.”
Their neighbor, Worth County, Iowa, was in a similar predicament. “As an IT department of one, I have very little time for much in my day besides keeping the county networks and systems running, and putting out end-user fires,” says Joel Rohne, IT/GIS director for the county. “I needed to find a way to implement a log analysis process, as well as get access to Support should network issues arise, without adding to my full workload.”
“We have always known that we needed help with our log collection, management, storage, and reporting. It is a critical part of the infrastructure and needs much more attention than what we can give it,” adds Andrew De Haan, information technology director in Marion County, another Iowa county.
As a small IT department, our resources are very limited, and our time is even more so. Managing our logs internally never got the attention that it deserved.
Andrew De Haan
Information Technology Director, Marion County, IA
Together the three counties teamed up to find a solution.
Working Within Tight Budgets
None of these small counties had a very large security budget. In fact, many solutions they reviewed were beyond reach. According to Van Maanen, “We looked at all of the major in-house SIEM tools available and talked to a number of hosted SIEM providers. We struggled to find anyone who could handle our log volume and stay within our budget. Plus, we had additional requirements like timely alerts, responsive on-call expertise, ease of deployment, and helpful reporting.”
Then they discovered Tyler Detect, the managed threat detection solution from Tyler Technologies. “Tyler Detect provided a great demo and the price was right in line with what I can afford for a service that keeps my networks safer than before,” continues Rohne.
Tyler Detect’s price was right in line with what I can afford for a service that keeps my networks safer than before. Having this kind of resource multiplier on my side is a huge advantage in my cybersecurity strategy.
Joel Rohne
IT/GIS Director, Worth County, IA
“Right away, Tyler Detect felt different than any of the other services we had tried. It not only met our budget requirements, but it was also much more intuitive for us to use and manage,” adds De Haan.
In addition to being within budget, Tyler Detect met all their requirements. “It’s able to capture logs from all our devices and offers advanced Windows monitoring. Alerts are customizable and timely, we have access to on-call security experts, deployment was easy, and the reporting is just what we were looking for,” comments Van Maanen.
A Partner for Better Oversight
With Tyler Detect, a team of highly trained analysts continuously monitors the counties’ network traffic, logs, and endpoint activity, 24/7, and alerts them to suspicious activity within minutes. “Now I have a team of professionals that reach out to me directly if they see an issue. If I have a question, they respond right away,” says Rohne. “Having that kind of resource multiplier on my side is a huge advantage in my cybersecurity strategy.”
Since implementing Tyler Detect, Rohne has become much more familiar with the details of the county’s network. “I enjoy getting the one-page dashboard report to see what is happening and if there are any issues I need to address. The complete daily report is essential when I am tracking down problems!”
“It’s comforting to know that experts have eyes on our network,” says Van Maanen. When they first turned on the service, a misconfigured domain controller was identified. “While not a security threat, we probably would never have caught this issue without Tyler’s service.”
Marion County also saw immediate results. “Tyler Detect helped us find a bestpractice configuration issue that presented a significant security risk. We were able to quickly identify the issue and fix it with the help of the Tyler Detect notifications,” says De Haan. “The instant notifications when a specific event happens has been the biggest benefit because we can now identify a potential security event very quickly.”
I am very thankful that we have the Tyler Detect service. It has been a great fit for us. I am confident in Tyler’s ability to add another layer of security to our network.
Micah Van Maanen
Information Technology Director, Sioux County, IA
“Tyler Detect is a great service and one that I had been searching for for a long time,” adds Rohne.
De Haan concludes, “Tyler Detect has increased my confidence in our network security, knowing that our logs are now being collected and properly analyzed.”