110-year-old asset management firm Baillie Gifford's clients trust them with an over $200 billion portfolio, including investments in Amazon, Google, Salesforce, Tesla, Airbnb, Spotify, Lyft, Palantir, and SpaceX. In return, they expect granular assurance of client data protection on an ongoing basis.
How could the firm provide real-time audits on-demand without business disruption? A team led by Colin Lennox, Head of Technology and Service Delivery, investigated the options. Traditional segmentation methods didn't stand up to scrutiny. Moreover, re-architecting the network to enforce adequate segmentation policy was not a viable option:
"We would be taking something that was working and potentially break it to secure the environment. We’d have to rework the routing and add lots of complex paths. There was a lot of risk involved, and we found it difficult to justify the expense of costs associated with doing that."
Cloud was another consideration.
"We wanted to have a solution that worked across any data centre and any cloud vendor so that we can treat them as transient services that we can easily move between."
With Illumio, the Baillie team found a simplified software-deployed solution that supplied both visibility and agility for audit-ready segmentation, without the business intrusion of re-architecting to segment on the network.
"The real-time application dependency map enables us to monitor the flows of traffic across our network, then react and provide insightful segmentation with low risk of impact. This gives us the confidence to say that critical areas of our estate are completely ring-fenced and protected. We can categorically identify operational services and the users that are utilising them. Illumio visualises this in a logical manner, led by evidence. This gives me and my security governance team confidence that our assets are well protected at a very granular level."
Looking to differentiate your approach to security segmentation and protection of critical data? Read the full customer story here.