The partnership is using Splunk Enterprise and Enterprise Security (ES) technology to bolster security and information governance by creating a centralised view of its security, compliance and IT operational needs, thereby enabling each council to take ownership and control over its data.
Orbis, which brings together the Brighton and Hove City Council, East Sussex County Council and Surrey County Council, spans 550 sites and delivers services including finance, procurement and human resources to more than 20,000 users. It claims to be the largest local government shared service partnership of its kind in the UK.
Orbis standardised on Splunk Enterprise Security (ES) to identify security incidents early, reducing costs and limiting potential damage. For example, when the WannaCry attack occurred, Orbis said the councils detected infected devices quickly and removed them from the network to prevent it spreading.
The new (Siem) system across the three councils replaces a variety of previously used Siem systems.
Morgan Rees, technical delivery manager at Orbis, said the Splunk platform underpins the partnership’s compliance strategy. “By automating the collection, search, alerts and reporting of logs and machine data, it’s become easier than ever to build a full audit trail,” said Rees.
“Splunk Enterprise Security provides us with both confidence and flexibility when handling the general public’s personal data or interacting with other government bodies such as the Public Services Network and National Health Service.”
Beyond security, Orbis said it is using Splunk Enterprise to identify and resolve IT faults quickly, as well as minimise downtime and disruption of important government services such as social care, waste and road management.
According to Orbis, the Splunk platform has also helped drive deeper collaboration within the partnership, sharing machine data and associated insights with multiple departments to speed up escalations and address the root cause.
“With public sector finances coming under increasing pressure, government organisations demand cost effective solutions that benefit their constituents,” said Richard Timperlake, vice-president of sales as Splunk for Europe, Middle East and Africa (EMEA).
The Orbis Partnership is a great example of how a single software platform can have widespread benefits across different parts of an organisation. Not only are the councils now better protected, they have also reduced costs through tool consolidation.”#cybersecurity