New Orleans is known for Jazz and supremely unhealthy baked goods. But apart from these pleasures, New Orleans is also home to one of the largest port systems in the world. The Mississippi is connected via close to 15,000 miles of waterways, roailroads and interstate highways – it is a hub in a huge web of transportation services – ocean carriers, barge and truck lines and rail transport. On top of that, the Port of New Orleans is the sixth largest cruise port in the U.S. hosting more than one million cruise passengers annually.
All that operational complexity means that, when it comes to IT systems, there is a lot of data traversing the port’s wires – data from legacy systems, data from external parties, and data from an increasing number of connected devices. The port’s CTO, therefore, had an interesting challenge when considering modernization of its IT infrastructure.
Problem
The Port of New Orleans needed to modernize its infrastructure and processes to handle a high volume of both legacy and incoming data. The Port had legacy data–ungoverned, unmanaged and unprotected–across many end points and within the network itself, and a solution deployed both in house and on prem was going to be time and resource prohibitive – threatening to take untold hours and many months to roll out.
Moreover, the Port had governance and compliance issues to manage at both a state and federal level to address because of its unique role in the port system in the United States, with both Homeland Security and Coast Guard requirements at play.
And, finally, there was an internal awareness in the CISO team and in the office of the CTO that security issues, such as phishing and ransomware attacks, have begun to pose a real and significant threat to organization of all shapes and sizes.
Solution
The Port of New Orleans tapped Druva for its Data Protection as a Service (DPaaS) because of several factors – both related to more general benefits that the cloud brings, and specific Druva-related benefits:
It began with simplicity. With Druva’s DPaaS there was no hardware to purchase, no appliances to maintain and run, and no downtime. It was simply a case of connecting and being live within a matter of minutes, and was sufficiently straightforward that connecting and protecting wasn’t a matter of just protecting end points, or three to four servers, but all of the network without limitation. It gave the Port a simple connection that could be viewed through a single pane of glass.
The DPaaS offered data governance management, helping the CTO and his team to understand what was good data within the network, and what wasn’t, with a sophisticated layer of machine learning that provided things as important as anomaly detection which could flag an issue before it ever made its way through the cloud, with the important ability to then step back through a situation with the forensics to track what any potential issues.
With Druva’s DPaaS, federal and other regulations were easily addressed, with frameworks as varied as HIPPA and FedRamp covered.
And, finally, the security box was ticked. The Port faces attacks from all angles – even at the sub-level – a vendor’s ability to address these concerns was a core requirement. The CISO team, and the CTO, had confidence that Druva could detect, isolate and quarantine issues while providing the forensics to go back and examine the path of entry.
Down the Road
The Port expect attacks on its shipping systems to continue, this is a significant issue right now that they’re working on with the Maritime authority. They’re working to educate and increase awareness. They need to modernize and expand, etc. They recently acquired a rail system that is now under its jurisdiction as well, and of course there will be more IoT to manage, etc.
MyPOV
It’s one thing to leverage modern offerings for an organization with the dual benefits of a low risk-profile and a purely greenfields IT landscape. it’s another altogether when the organization in question is a big target for nefarious players and also has lots of legacy technology to include in its portfolio. Seeing the way Port Nola resolved these challenges is an interesting case study and something that other, complex and at-risk organizations should look to.
