Past Analytics Excellence Awards

Excellence Awards 2016: Erik Miller - Most Time Saved

Author: Erik Miller (@erik_miller), Sr Systems Engineer - Cyber Security Analytics

 

Awards Category: Most Time Saved

 

Describe the problem you needed to solve

My team's story starts from the ground level of analytics: no tools, no resources, no defined data sources. But our Information Security team had an idea: to be able to report out on all of Western Union's Agent Locations (think Kroger grocery stores, mom & pop shops, etc.) and the risk they posed by not having certain security measures implemented - look at every PC/terminal they have to determine their individual risks (2.4 million when we started), their fraud history, their transaction limits, etc., etc., and risk-rate every one of those 500,000+ Locations. We completed a proof of concept and realized it was completely unsustainable, requiring over 100+ hours every month to be able to produce what outwardly looked like a simple report. We took that process and built it out in Alteryx. And with just a little over 2.5 hours with the tool, we took a process which dominated my time and turned it into a 5 ½ minute layout of time. What's more, we've taken this POC project and turned it into a full-fledged program and department, focused on risk analytics surrounding employee & contractor resource usage (malicious or uneducated insiders), customer web analytics (looking for hackers), and further Agent analytics.

 

Beyond our humble beginnings, there's the constant threat of data breaches, fraud, and malicious insiders in the Information Security world - it's the reality of the work we do. Having the ability to build out a strategic analytics program has been a huge step in the right direction in our industry and company & not an area which many other companies have been able to focus on, which also sets us ahead of the curve.

 

Describe the working solution

We are using Alteryx to assess several data sources - HR data sets for active/terminated employees & contractors, clickstream data from our digital assets and websites, security data from our Netezza system, fraud data, log files from our various security platforms, user behavior data from our UBA (User Behavior Analytics) system, Identity and Access Management attributes/entitlements, system infection logs, installed applications, etc., etc. As I've said in other talks, we don't have a data lake, we have an ocean.

 

We are currently exporting our data to Tableau tde files, Hadoop, and MySQL databases. In addition, we have started looking/experimenting with our Alteryx Server implementation (which I support for our company).

 

Describe the benefits you have achieved

Overall time savings is nearing 150 hours a month, so a massive savings and an ability for our team to stay incredibly lean - no additional FTEs needed to keep taking on more and more data and challenges. We've also been able to give visibility to the security implementations for all of our 500,000+ worldwide locations - something which we didn't have visibility to prior to now, and which helps us drive the business to implement security features where needed - based on logic, numbers, and fraud data, not feelings.

 

We also are able to provide insights into our user base - how are our employees using our assets, what are they doing that's lowering our security posture, how are they getting infected. We're providing insights which can help our company become more secure.


How much time has your organization saved by using Alteryx workflows?

What has this time savings allowed you to do?

With just our first workflow, we saved over 100 hours per month - so over a full FTE of time has been taken off of my plate. Alteryx has allowed us to not only save time each month, but keep our team incredibly lean (we only have three people, and that's all we need to churn through massive amounts of security & fraud data each month).

 

So what has this time saving allowed us to do? Many, many things.

 

First, I was promoted to Sr. Systems Engineer - Cyber Security Analytics. With that change in title, also came the opportunity to build out a strategic-focused Information Security Analytics team, focused on looking at all security data throughout the company and identifying areas where we can improve our security program and posture.

 

Second, it's allowed me time to work with other departments to build out their analytics programs and help them learn to use the Alteryx tools in their respective areas.

 

Third, it's allowed my team to work on new, expanding projects with great ease.

2 Comments
Atabarezz
13 - Pulsar

Very good use case indeed...

bharanir2001
5 - Atom

Excellent example for the Industry needs