Educational Data Case Study
Actionable Threat Intelligence from Fully Encrypted Log Files to Protect Vulnerable Educational Data
Cross River State in Nigeria is using OmniIndex’s log file intelligence to ensure the highly confidential and regulated educational data of the state’s students and staff is kept secure. This is done in partnership with Future-X Education, who are using OmniIndex PostgresBC as the data platform for their Educational Management System.
Educational data is highly sensitive and regulated. As such, it is crucial to have a transparent record of data access and to identify any potential threats/vulnerabilities in the database while keeping that information confidential and secure.
The EMIS (Educational Management Information System) was migrated to OmniIndex PostgresBC and LoggerBC was therefore able to run automatically on the fully encrypted data to provide real-time threat intelligence and ensure confidentiality.
Logs are stored in the PostgresBC immutable blockchain and are secured with homomorphic encryption. This ensures that they cannot be maliciously or accidentally edited, and that they can remain encrypted while they are analyzed, for maximum security and privacy.
Log File Collection & Real-Time Processing
OpenTelemetry libraries collect log data. Data is encrypted with OmniIndex homomorphic encryption and exported to the PostgresBC data platform in real time.
Log File Security
Data is stored in FutureX's own PostgresBC instance where it is immutable and decentralized. There is no possible third-party access, and zero-trust access ensures nobody is able to view data they do not have permission to view, whether accidentally or maliciously.
Real-Time Threat Intelligence & Insights
Encrypted log files can be queried using familiar SQL commands. Our AI Chatbot, Boudica, also enables you to ask natural language questions and receive meaningful answers directly from your encrypted data.
As it is a private SLM, no data is shared externally and none of your private data is ever exposed.
Finally, LoggerBC seamlessly integrates with all industry-leading tools. This enables analytics and data visualizations on the fully encrypted data within your favoured workflow with zero exposure or third-party access.
Potential Threat Intelligence
Access Attempts
- Brute Force Attacks: Frequent failed login attempts from unusual IP addresses or locations could suggest a brute force attack is underway.
- Unauthorized User Access: Detection of logins by users who should not have access to the system or attempts to access restricted resources.
Data Exfiltration
- Large Data Transfers: Unusual spikes in data transfers, especially outside of normal business hours, could indicate data exfiltration attempts.
- Suspicious File Downloads: Monitoring for downloads of sensitive data files by unauthorized users or to unusual destinations.
SQL Injection Attacks
- Error Messages or Unexpected Behavior: Unusual error messages or unexpected behavior in the application could be indicative of SQL injection attempts.
- Suspicious Query Strings: Analyzing query strings for potentially malicious input.
Malware Activity
- Unknown Processes or Files: Detection of unknown processes or files running on the system, which could be signs of malware infection.
- Network Traffic Anomalies: Unusual network traffic patterns, such as excessive outbound connections or suspicious DNS requests.
Insider Threats
- Privilege Abuse: Monitoring for instances where users with elevated privileges are accessing data or performing actions they shouldn't have permission to do.
- Unusual Access Patterns: Detecting unusual access patterns from trusted users, such as accessing sensitive data outside of normal working hours or from unusual locations.
Data Breaches
- Data Loss or Corruption: Identifying instances of data loss or corruption, which could be indicative of a data breach.
- Unauthorized External Access: Detecting unauthorized access to the system from external IP addresses.