/
Cyber Resilience

How Illumio Lowers ACH Group’s Cyber Risk — With Nearly Zero Overhead

"Good lives for older people" is the tagline of ACH Group, a nonprofit organization based in Australia. But if ACH's IT systems get taken down by cybercriminals, its ability to support those they serve could be harmed.

Based in Adelaide, ACH Group provides housing and related services for some 20,000 people in Australia. ACH is a midsize organization with up to 1,800 staff.

ACH lacks the level of funding and staffing a for-profit company might enjoy. Given its mission to help older people live good lives, the imperative to implement cybersecurity initiatives is not as top-of-mind as it might be for a technology company.

But the organization knows it needed to guard against growing cyber threats that could cripple its ability to carry out its mission.

Implementing pragmatic Zero Trust

To do this, ACH Group uses Illumio to empower what the an ACH security executive calls a "pragmatic" take on Zero Trust. A modern security approach, Zero Trust uses microsegmentation, or Zero Trust Segmentation, to stop malware from spreading through a network, preventing breaches from turning into disasters.

ACH Group runs a hyper-converged infrastructure, meaning it uses software-defined building blocks for servers and storage devices. While this approach delivers many benefits, it also makes segmenting ACH's development, test and production environments difficult.

To overcome this challenge, ACH needed a central way to manage security-access policy down to the workload level. That way, the security and IT teams could work from a single console to enforce granular rules and consistent policies.

This represented a big change from ACH’s previous technology policy, which focused on traditional network firewalls. Unlike managing complex network firewall rules, ACH Group needed a solution that wouldn’t require additional staff.

“Once we decided this was the problem we wanted to solve, choosing Illumio was a no-brainer," the executive says. "There's really no other product that can do what Illumio does.”

How ACH manages "set it and forget it" segmentation

Using Illumio, the ACH security team can now enforce security policy centrally. Once they tag a workload, Illumio automatically assigns the right policy to each.

“With Illumio, we just set it and forget it. It’s ridiculously simple,” the executive says.

Illumio has also helped ACH greatly increase its visibility into its application dependencies. That’s important, because many of ACH’s workloads are only sparsely documented.

To do this, the team deployed the Illumio agent to all workloads in visibility-only mode. Then they simply watch – over the course of a few weeks or months – how the workloads actually interact. With this "blueprint," the team can then set policy.

Illumio also helps ACH add new workloads easily. For example, when the IT team recently added a database server, all the security team had to do was install the Illumio agent and tag the workload. Then Illumio automatically updated its policy.

For any workload that’s no longer used – and in an average week ACH retires up to 5 workloads – Illumio can simply unpair it. It's like the workload was never there.

Using Illumio, the ACH security team even discovered two database servers that were still online but hadn't been used in years.

Even better, given ACH’s small security team, managing Illumio takes them only one to four hours a week. That lets ACH implement far greater Cyber Resilience without adding staff or other resources.

“Our extra overhead to implement and use Illumio has been nearly zero,” the executive says.

For a security team that is strapped for resources, that's good news, indeed.

And for the thousands of older people who depend on ACH services, it's even better.

Learn more about how customers use Illumio:

Related topics

Related articles

Can Zero Trust Bridge the Cyber Equity Gap?
Cyber Resilience

Can Zero Trust Bridge the Cyber Equity Gap?

Learn from Nicole Tisdale, a leader in cyber policy, about how cybersecurity can protect both our institutions and the people they serve.

Is Network Security Dead?
Cyber Resilience

Is Network Security Dead?

Get insight into how the idea of deperimeterization, posed by the Jericho Forum in 2004, is shifting cybersecurity strategy via Zero Trust.

Will the EU Banking Industry Be Prepared for DORA?
Cyber Resilience

Will the EU Banking Industry Be Prepared for DORA?

Explore DORA's key requirements, top challenges, and how Zero Trust strategies and microsegmentation can help achieve DORA compliance by January 17, 2025.

No items found.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?