As the first new sporting event the International Olympic Committee (IOC) had introduced since the 1924 Winter Olympics, the 2010 Youth Olympic Games was a highly anticipated event on the international sporting calendar. Its success depended on key IT systems, such as results processing, broadcaster data feeds, accreditations, Games logistics applications, and public websites.
Atos Origin, under the direction of SYOCOG Technology, needed to ensure that comprehensive security monitoring and protection was in place for the more than 3,000 devices in the Youth Olympic Games infrastructure – including servers, workstations, network devices, and appliances.
In the event of a security breach, Atos Origin knew its Incident Management team would be working under severe time restrictions. “During the two week games operations phase, we knew we would only have a few seconds for detection and action,” said Vladan Todorovic, Atos Origin’s technical and IT security manager for the Youth Olympic Games. The team needed the ability to monitor the IT infrastructure with heightened visibility so it could quickly resolve security issues.
“This was an extremely high-profile project...,” said Todorovic. “There would be no second chances if something went wrong.”
“The short operational period of the project, as well as its far-reaching security implications, meant that we had very specific requirements for our security information and event management (SIEM) solution,” said Todorovic. “The solution needed to be able to process events processing on a massive scale, take feeds from a number of custom data sources, and integrate with real-time, risk-based event prioritization technology from Atos Origin.”
Atos Origin and SYOCOG Technology evaluated several possible solutions and ultimately decided to implement Sentinel. “The Youth Olympic Games is a demanding project from an IT-security perspective,” said Todorovic. “Sentinel was the only solution which fully met our requirements. In addition, Sentinel was highly scalable and allowed our architects to fully optimize the solution to our specific project requirements.”
Sentinel “allowed for the tracking in real time of any anomalous configuration changes which did not coincide with IT policy,” said Todorovic. “Any irregular configuration which might constitute a security violation became a SIEM event and was given a priority status corresponding to its risk level. Sentinel allowed us to aggregate and display data from thousands of events and draw correlations between them.”
Atos Origin’s longstanding partnership with the IOC had given it extensive experience that enabled it to rapidly design and implement advanced functionalities in Sentinel.
“The simple but powerful tools provided by Sentinel enabled us to aggregate data from an enormous variety of IT systems,” said Todorovic. “These included servers running multiple operating systems, network devices, security devices, business applications, and our own custom-developed ‘real-time risk-audit’ solution.”
With Sentinel as the event’s SIEM heart, Atos Origin ensured systems performed smoothly and securely.
“During the operational period of the Games, there were more than 90 million security events,” said Todorovic. “Using intelligent processing in our SIEM, this was reduced to only three million events for review, which were prioritized according to the level of business risk they posed. This saved a lot of valuable time for the Incident Management team.”
Sentinel and the Atos Origin real-time audit solution delivered rapid, intelligent responses to potential security threats. “Even though we were experiencing up to 35 serious security incidents a day, Sentinel allowed us to achieve early detection and fast resolution, ensuring that these incidents had no impact whatsoever on the running of the Games,” said Todorovic. “We feel that Sentinel technology was an integral part of our IT security incident management and that our chances of ensuring the successful delivery of Youth Olympic Games IT services would have been reduced without it.”