My team's story starts from the ground level of analytics: no tools, no resources, no defined data sources. But our Information Security team had an idea: to be able to report out on all of Western Union's Agent Locations (think Kroger grocery stores, mom & pop shops, etc.) and the risk they posed by not having certain security measures implemented - look at every PC/terminal they have to determine their individual risks (2.4 million when we started), their fraud history, their transaction limits, etc., etc., and risk-rate every one of those 500,000+ Locations. We completed a proof of concept and realized it was completely unsustainable, requiring over 100+ hours every month to be able to produce what outwardly looked like a simple report. We took that process and built it out in Alteryx. And with just a little over 2.5 hours with the tool, we took a process which dominated my time and turned it into a 5 ½ minute layout of time. What's more, we've taken this POC project and turned it into a full-fledged program and department, focused on risk analytics surrounding employee & contractor resource usage (malicious or uneducated insiders), customer web analytics (looking for hackers), and further Agent analytics.
Beyond our humble beginnings, there's the constant threat of data breaches, fraud, and malicious insiders in the Information Security world - it's the reality of the work we do. Having the ability to build out a strategic analytics program has been a huge step in the right direction in our industry and company & not an area which many other companies have been able to focus on, which also sets us ahead of the curve.
Describe the working solution:
We are using Alteryx to assess several data sources - HR data sets for active/terminated employees & contractors, clickstream data from our digital assets and websites, security data from our Netezza system, fraud data, log files from our various security platforms, user behavior data from our UBA (User Behavior Analytics) system, Identity and Access Management attributes/entitlements, system infection logs, installed applications, etc., etc. As I've said in other talks, we don't have a data lake, we have an ocean.
We are currently exporting our data to Tableau tde files, Hadoop, and MySQL databases. In addition, we have started looking/experimenting with our Alteryx Server implementation (which I support for our company).
Describe the benefits you have achieved:
Overall time savings is nearing 150 hours a month, so a massive savings and an ability for our team to stay incredibly lean - no additional FTEs needed to keep taking on more and more data and challenges. We've also been able to give visibility to the security implementations for all of our 500,000+ worldwide locations - something which we didn't have visibility to prior to now, and which helps us drive the business to implement security features where needed - based on logic, numbers, and fraud data, not feelings.
We also are able to provide insights into our user base - how are our employees using our assets, what are they doing that's lowering our security posture, how are they getting infected. We're providing insights which can help our company become more secure.
How much time has your organization saved by using Alteryx workflows?:
With just our first workflow, we saved over 100 hours per month - so over a full FTE of time has been taken off of my plate. Alteryx has allowed us to not only save time each month, but keep our team incredibly lean (we only have three people, and that's all we need to churn through massive amounts of security & fraud data each month).
So what has this time saving allowed us to do?
Many, many things.
First, I was promoted to Sr. Systems Engineer - Cyber Security Analytics. With that change in title, also came the opportunity to build out a strategic-focused Information Security Analytics team, focused on looking at all security data throughout the company and identifying areas where we can improve our security program and posture.
Second, it's allowed me time to work with other departments to build out their analytics programs and help them learn to use the Alteryx tools in their respective areas.
Third, it's allowed my team to work on new, expanding projects with great ease.