For 150 years, Great American Insurance Group – a specialty property and casualty insurer with $8 billion in 2021 gross premiums written – has focused on technical innovation to adapt to changing times. So when they sought a replacement for their legacy log management solution, they focused on modern alternatives.
According to Sumit Bhargava, Divisional Assistant VP at Great American Insurance Group, maintaining the on-premises solution was distracting from the core business.
“The solution required constant caring and feeding to keep it running from a scalability standpoint. The basic features of a log management solution are to ingest and search data. And that's where our previous solution didn’t scale to a level that a future-facing organization like ours depends on,” says Bhargava.
The tech veteran knew he wanted a cloud-based log management platform. Rather than constantly fiddling with the number of nodes and servers, he wanted to focus on mission-critical objectives such as compliance, threat hunting and producing secure code.
“Quite simply, we needed a cloud-based solution to ingest all logs and quickly perform searches that matter to us,” says Bhargava. “Our previous solution wasn’t meeting our needs, so we went looking for what's next in the log management space.”
That’s when Great American Insurance Group turned to Humio.
The company quickly zeroed in on two options: Humio and a popular open-source solution. Key requirements included ease of ingestion, fast searches and role-based access control.
Humio immediately stood out in the head-to-head comparison, according to Bhargava.
“With the other solution, it took too long to parse and prep the data for searches. With Humio, we could very quickly pipe in the logs and start benefiting from fast searches,” says Bhargava. “The ease of ingestion and search speed of Humio definitely stood out during the POC.”
After speaking with several Humio references, Bhargava selected Humio. Next came implementation. Having already ingested billions of events during the POC, onboarding became a simple proposition, aided by Humio training sessions and third-party integration support.
“We ended up going into production very quickly. Humio is one of the few platforms I’ve implemented where the onboarding was fast, thanks in part to the Humio engineers who helped us get up and running quickly,” says Bhargava.
Today, Great American Insurance Group uses Humio as their cloud-based enterprise log management platform for four main use cases: compliance, operations, security and DevOps. According to Bhargava, everything starts with data ingestion.
“Humio enables us to ingest significantly more data than the previous solution,” says Bhargava. “We’ve scaled up immensely with Humio.”
He points out that Humio isn’t just a closet the company throws data into then forgets about it. All across Great American Insurance Group, logs are actively being used on a daily basis.
“From an operations standpoint, I've been pleasantly surprised at how much we’ve been able to do with Humio,” says Bhargava. “Being able to track sensitivity around our environment and look at all our routers, switches, security devices and servers has enabled us to react to events much faster. Our operations posture has been further enhanced since implementing Humio.”
Great American Insurance Group can now log everything and easily access archived data. In addition to helping with compliance, longer data retention helps with security use cases. The company uses Humio to augment its SIEM by sending a subset of data to the SIEM for more advanced searches.
“Having logs for a longer period gives us the ability to identify root causes of any issue and look at certain cases reactively,” says Bhargava. “But Humio allows us to be more proactive as well, as we now have security dashboards that enable us to do near real-time analysis. The augmentation strategy is working really well for us.”
From minutes to seconds
Speed is another common theme across Humio use cases at Great American Insurance Group. With the previous solution, ingesting data took minutes. That’s no longer the case.
“With Humio, our logs appear instantly. It's not a visible delay where we’re waiting minutes, like with before. Now we can search three billion events in under a second,” says Bhargava.
This speed directly translates into business benefits, according to Bhargava.
“In a typical IT environment, you’d be looking for a resolution in multiple places. With Humio, we have one view where we can have our searches and continually narrow the focus until we find the possible fix. We've had many instances where we’ve been able to detect and resolve issues much faster, which I’d say gives us a competitive advantage,” says Bhargava.
He notes how the speed of Humio translates into a better customer experience as well. “Getting the logs quicker enables us to look for issues faster and avoid service interruptions that could linger,” says Bhargava. “Humio plays a big role in helping us catch abnormalities faster and respond to those events.”
Doing more with less
For many organizations, tech budgets are about doing more with less. Great American Insurance Group wanted to expand its usage of logs across the business, yet the previous solution didn’t allow role-based access control, restricting usage to a handful of users.
Humio enables role-based access control. As a result, log usage at Great American Insurance Group has skyrocketed. In fact, the company now has more than 1,000 users on Humio, as compared to less than 10 with the incumbent solution.
“More than the number of users, I would say the type of users is critical,” explains Bhargava. “We now have users of all technical abilities running queries. And we can control which logs they can access based on which roles they carry. That’s been a game-changer for us.”
More users. More data. More speed … but at what cost? Before the POC, Bhargava asked for a rough price estimate. He was impressed by Humio’s simple cost structure.
“I appreciate the simple view of how Humio prices the platform and helps customers grow in the solution. It was definitely a differentiator,” says Bhargava. “As we compared enterprise-grade log management solutions, Humio came in at around one-third the cost of similar platforms we considered.”
Bhargava is proud of what the company has accomplished with Humio in just 18 months. Still, there’s much work to be done, he says.
DevOps is one area where the company plans to expand its usage of logs. The insurer uses a private cloud to churn out code. Before Humio, developers were missing a logging solution to support code production. Today, Humio enables developers to create specific dashboards for their application needs, thus enabling faster, cleaner code.
“It’s a big step forward, but the possibilities are endless,” says Bhargava. “Given our success with Humio to date and growing use of cloud-based solutions, we plan on adding more and more log sources as we roll out Humio to other areas of the business.”
He sees Humio as a key relationship in helping the company remain forward-facing.
“Humio has exceeded our expectations. Its ingest speeds are faster. Its searches are faster and more flexible. We’re achieving so much more than we expected as we embarked on this journey,” concludes Bhargava. “We’re a happy customer.”