Microsoft Global Security Operations Centers



Similar documents
General Dynamics Information Technology. Integrated Security Solution CONFIDENCE THROUGH PREPARATION VIRTUAL AGILITY

From Big Data to Rich Data How Data Analytics Add Value to Security Risk Management. Patrick Hennies, Rainer Rex 15th European ASIS, 04/08/2016

White paper. Axis Video Analytics. Enhancing video surveillance efficiency

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

White paper. Axis Video Analytics. Enhancing video surveillance efficiency

Data Fusion Centers. Transforming Public Safety Information into Actionable Knowledge

Employee Travel Monitoring System

Pacom Systems. All rights reserved.

GIS for Real-Time Crime Centers. An Esri White Paper June 2013

Accelerating Complex Event Processing with Memory- Centric DataBase (MCDB)

Travel Risk Intelligence System (TRIS)

An Esri White Paper April 2011 Geospatial Intelligence for Fusion Centers

A COST ANALYSIS OF OF OUTSOURCING SECURITY OPERATIONS CENTERS. Analysis of a global company with 500 employees in fifteen locations

Connect C CURE 9000 with dozens of applications for a holistic business-empowering, all inclusive solution

Emergency Preparedness

City Surveillance and the Cloud

Security Risk Assessment Tool

The Cisco and Pelco Industrial Wireless Video Surveillance Solution: Real-Time Monitoring of Process Environments for Safety and Security

Cost-effective Wireless Alternatives to Corporate Leased-line Connectivity. White Paper

Using Big Data for Crisis Management. Mohammad Khaled AL Hassan

Best Practices for Building a Security Operations Center

Continuity of Business

WYNYARD ADVANCED CRIME ANALYTICS POWERFUL SOFTWARE TO PREVENT AND SOLVE CRIME

NG 911-FirstNet Whitepaper. NPSBN as a Strategic Enabler of Next Generation 9-1-1

W H I T E P A P E R. Security & Defense Solutions Intelligent Convergence with EdgeFrontier

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

DATA ANALYTICS AND REAL TIME CRIME TOOLS INTELLIGENCE LED POLICING

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats

World-class security solutions for your business. Business Products. C a t a l o g u e

Security Service de Services sécurité. Security Alarm Monitoring Protocol

Business Continuity Planning at Financial Institutions

Getting Ahead of Malware

Motorola AirDefense Network Assurance Solution. Improve WLAN reliability and reduce management cost

Employee Preparedness Handbook

Earthquake Early Warning System Notifications: Leveraging the Power of the Commercial Cellular Network

SolidStore benefits: SolidStore file system

Security Alarm Monitoring Protocol

CONTEG Pro Server Management software

FirstToSee: Leveraging Social Media for Emergency Response. June 21, 2013

Gallagher Command Centre

Cisco Video Surveillance in Hospitals: Ten Ways to Save Money and Improve the Patient Experience

GIS Systems in the Department of Safety and Security. May 2014 UNGIWG 14

Grow Your Business with Cidewalk

Fort Bend Independent School District. Safety and Security Master Plan Proposal

A school crisis is any event that drastically disrupts or alters a normal school day for your campus. More dynamic if the media covers the event!!

How To Use Vizx2

Security and Services

Business Continuity Management Software

Welcome to a whole new level of interactive home security

Setting the Standard for Safe City Projects in the United States

WHITE PAPER. Improving Operational Readiness for P25 Systems through Advanced Network Monitoring

Duty of Care/Duty of Loyalty. Jon Jackson Senior Director, Information and Tracking International SOS

How Cisco IT Controls Building Security over the Enterprise WAN

TAC I/A Series Continuum Security Solutions Redefining Security for the Modern Facility

Information Technology Operations Command Center (ITOCC): Phase One Emerging and Innovative Technologies

UNION COLLEGE SCHENECTADY, NY EMERGENCY MANAGEMENT PROCEDURES

Retail Solutions. Why Tyco Security Products for Retail?

Global Public Health Intelligence Network (GPHIN) Reseau Mondial d Information en Santé Publique (RMISP) Michael Blench

Critical Incident Management Communications

Kuala Lumpur, Malaysia, May Report

Implementing an Imagery Management System at Mexican Navy

WEBFIL LIMITED. Your Security Partner

EXECUTIVE SUMMARY. Situation

University of Nottingham Emergency Procedures and Recovery Policy

Data Centers. Defense in depth. Network video protection for data centers.

NitroView. Content Aware SIEM TM. Unified Security and Compliance Unmatched Speed and Scale. Application Data Monitoring. Database Monitoring

For more than 35 years the world s investment professionals have trusted FactSet to power their research, analytics, and data integration.

Lessons Learned and Key Recommendations from the Virginia Tech Tragedy

CHIEF POSTAL INSPECTOR. Management Alert Watch Desk Notifications (Report Number HR-MA )

STATEWIDE ITS ASSETS 1

Tornado/Severe Weather

Managing a 24x7x365 Support Center and Network Engineering for a Government Agency QUICK FACTS

Physical Security for Companies that Maintain Social Infrastructure

Olympic Region Traffic Management Center. Olympic Radio

GIS for Asset and Facilities Management. Efficient Management of Assets, Interior Space, and the Building Life Cycle

How To Set Up A Wide Area Surveillance System

THORNBURG INVESTMENT MANAGEMENT THORNBURG INVESTMENT TRUST. Business Continuity Plan

Fight the Noise with SIEM

Interfacing ISONAS Access Control to an IVC-controlled Video Surveillance System

Evacuation Procedures

Security. Security consulting and Integration: Definition and Deliverables. Introduction

Transcription:

Microsoft Global Security Operations Centers Customer Profile Microsoft's global security operations centers (GSOCs) monitor the safety and security of the company's facilities and operations around the world. Business Situation To monitor Microsoft's global interests, GSOC operators were using more than 60 separate data sources and proprietary technologies. The company sought to integrate information from these sources into a single application that would provide a cost-effective way for operators to spot problems and react more quickly to potential threats. OVERVIEW Microsoft s Global Security Operations teams adopted Visual Command Center from IDV Solutions to reduce costs and protect company assets and operations. Summary Microsoft s security operations centers had evolved to simultaneously monitor security at hundreds of company facilities, and also follow global news and weather reports, to spot events that could endanger company assets. But with over 60 unconnected systems and data sources to track, security operations had become unwieldy. With an eye to the future, the software company was seeking a way to consolidate its internal and external security data, lower its operations costs, and improve its ability to protect its assets. The answer was Visual Command Center, a comprehensive, interactive visualization that has become central to GSOC operations and provides the security groups with a cost-effective way to identify and mitigate risks. Solution Using Visual Command Center, Microsoft was able to consolidate its internal security data, live video feeds, Web news feeds, and more in a single, interactive map view. Security operations staff now has instant access to the information they need to evaluate risks and take action. This Visual Command Center map shows Microsoft facilities around the globe.

Situation Microsoft operates Global Security Operations centers (GSOCs) in Redmond, Washington; Reading, England; and Hyderabad, India. Operators at these centers are responsible for the safety of more than 700 Microsoft properties (sales offices, regional headquarters, data centers, etc.) and thousands of employees. Streaming into the GSOCs each day are live video feeds from 8,500 building security cameras, messages or alarms from over ten thousand card readers, and weather and news data from multiple Web sources. Until recently, operators had to manually coordinate the locations of company assets with the information from building security systems, and the locations of events in news feeds and weather reports. It had become a challenge to determine which facilities might be affected by an event, to contact the right people, and to keep them informed. Solution Today, the GSOC staffs handle the same wealth of information, but interact with it in a very different way. At each GSOC, large monitors display the Visual Command Center map, which unites real-time news, weather, traffic data, and other outside feeds with the company s incident reports, facility data, and physical security systems. Before, our security operations used 60 proprietary technologies that didn't interoperate, said Brian Tuskan Senior Director of Microsoft Global Security. Now, all but two are integrated into a single management and alarm system. The monitors sequentially display views of data and geographic regions that the security staff have identified as important. These favorite views let us rotate between regions, for example, North America, Latin America, South America, for a good picture of what s going on, said GSOC Director Steve Rodgers. Visualizations of internal security data and external risks help the GSOCs identify threats to Microsoft operations.

v Visual Command Center speeds up our reaction time. It s of huge benefit, not just to the GSOC but to our people in the field. Steve Rodgers Director Microsoft Global Security Operations Centers Meanwhile, at individual stations, security officers using Visual Command Center can flip between these high-level views and narrower views for their zone of responsibility, for example, alarms in the Puget Sound area. Using these interactive views, security staff identify risks, interrogate data sources for additional information, and respond to potential threats. Alerts help users identify threats To help identify events that matter to the company, Microsoft s security professionals rely on Visual Command Center s alerting feature. The software monitors real-time feeds for weather, natural disasters, and global security incidents, generating an alert whenever one of these potential threats occurs near one of the company s assets. Each alert appears on the map and timeline, and a notification is also sent by e-mail to selected contacts. It helps our security managers assess what could happen, said Rodgers. The alerts speed up our reaction by bringing to light what s occurring and what s affected. An alert is triggered when a risk event occurs near a Microsoft facility. Users interrogate data sources with interactive tools Once security operators identify a potential threat, they can interrogate a wide array of data sources to get a complete picture of the situation. Visual Command Center provides data feeds for more than 100 sources of risk, including severe weather, natural disasters, breaking news, real-time traffic, terrorism, disease outbreaks, and more.

Visual Command Center (VCC) plays a critical role maintaining situational awareness at a consistently high level. From an operational perspective, this allows more efficient and thorough reporting. Michael Foynes Senior Director Microsoft Global Security Operations It connects to the company s physical security systems and internal data stores as well, so when the teams receive an alert, they can access systems and information for the affected facilities. This includes being able to view security camera feeds, building schematics, and the statuses of door locks and alarms. Integration with security officers desk journals means that as these officers record their daily activities like patrols, this data is immediately available on the Visual Command Center screen. From this variety of information, workers can extract the most relevant details using searches and interactive filters. By drawing spatial queries directly on the map, they can isolate data from a specific geographic area. They can immediately see how many people and square feet are threatened, to evaluate the potential impact of an incident. In addition to responding to alerts, Microsoft s security and executive protection teams use these interactive features to manage security for corporate events. For example, for a recent Atlanta event, on the map they drew a two-mile-wide boundary around the hotels that would host the event, said Rodgers. Then they were able to use spatial query to take a look at what was happening there. They could bring up crime, weather, and traffic, to provide information to the event security coordinator on the ground. Accessing Visual Command Center on laptops, these security teams in the field can work with the same data and visualization that s available in the GSOC. As security officers record their patrols (roves) of Microsoft buildings, this information is immediately available from the Visual Command Center map.

Operators take action to inform employees Operators at the GSOCs use the information derived from Visual Command Center to initiate action, typically to alert facilities and traveling employees to events that might affect them. As an example, Rogers cited an incident where a breakdown in radio communications caused officials to falsely suspect a hijacking at Amsterdam s Schiphol airport. This alert was of interest not only to Microsoft s workers in the Netherlands, but to employees traveling through Europe that day. Visual Command Center allowed our European, Middle Eastern, Asian and African centers to access the specific details of the incident, he said. There were able to use that information to create regional advisories based on that event. On another occasion, we had a rash of aviation incidents in Russia. We were able to alert our travelers to delays, airport closings, crashes, and increase their awareness. Cost effective risk awareness Visual Command Center enables Microsoft to reduce costs while protecting the company s assets and helping personnel on the ground stay safe and informed, said Mike Foynes, Senior Director of Microsoft Global Security Operations. As an example, Visual Command Center feeds data about earthquakes directly from the USGS to the map and will provide alerts, Foynes said. This allows us to maintain a minimum, and cost effective, staffing model versus having to overstaff analysts on any given shift to constantly comb the web for updates on natural disasters, news events, etc.

Visual Command Center has become central to the GSOCs daily operations and an important part of its emergency management process. Visual Command Center (VCC) plays a critical role maintaining situational awareness at a consistently high level, said Foynes. From an operational perspective, this allows more efficient and thorough reporting. The software was put to the test in 2011, after the earthquake and tsunami in Japan, and during the civil unrest of the Arab Spring in the Middle East. During both events, security teams used the software to check the proximity of Microsoft offices to danger zones, and to disseminate situation updates and maps. Visual Command Center speeds up our reaction time, said GSOC Director Rodgers. It s of huge benefit, not just to the GSOC but to our people in the field. Contact IDV Solutions, 5913 Executive Dr. Suite 320 Lansing, MI 48911 call 888 201 7282 click www.idvsolutions.com mail to info@idvsolutions.com About Us IDV Solutions is a data visualization software company that helps organizations discover opportunity, identify risk, and take action. By repeatedly solving key problems for customers in the Global 2000 and government, IDV and its products have earned a reputation for innovation, speed, and the highest quality user experience. For more information, please visit www.idvsolutions.com.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information