Top Health Insurance Provider Boosts Cyber Resilence With Illumio

Business goals

Health insurance providers have high-value medical data in their IT systems, making them a prime target for ransomware.

Facing this reality head-on, a market-leading insurer based in Europe turned its focus to minimizing the impact of a potential breach and bolstering its ability to recover quickly.

Over one million members rely on the company for essential health coverage. Upholding the integrity of core services and members’ protected health information (PHI) and personally identifiable information (PII) is a priority.

The business takes security seriously, and the IT security team got the green light to pursue new protection and resilience measures to expand its defense-in-depth strategy.

Technology challenges

Routine security audit findings revealed that the insurer needed to establish server-to-server security controls to proactively protect against ransomware and attacker lateral movement. The IT security team immediately prioritized investing in a segmentation solution.

Ultimately, the first line of defense team would own day-to-day operations of the segmentation technology. Operational efficiency was an important consideration.

The insurer investigated a number of solutions, including the deployment of a software-defined wide-area network (SD-WAN). This solution involved a full network rearchitecture and multi-year timeline for implementation — an impractical approach, given the increased risk of ransomware.

The team narrowed its focus on microsegmentation as the most cost-effective and easy-to-use solution — unequivocally the way forward.

How Illumio helped

A successful technical proof of concept of Illumio Core turned into quick, early wins soon after implementation.

If you’re looking for an agile approach to microsegmentation, Illumio is the way to go. It’s easy to implement and brings value quickly, providing powerful protection for critical servers. Head of IT Security Health Insurance Provider

Initially, the team segmented its tier-one applications to protect the claims, financial and insurance policy systems where sensitive information is stored.

“We didn’t have to make a huge investment to get Illumio up and running,” says the insurer’s head of IT security. “Illumio made it easy to segment and lock down access to our critical core systems with no downtime or outages. You rarely get a technology vendor delivering that kind of value without a hitch.”

As the insurer adds new applications, they can easily apply already-defined Illumio security rules.

“Applications can inherit protection based on our initial policy development, speeding and simplifying our efforts to secure application workloads with Illumio,” says the IT security project analyst.

Results and benefits

With Illumio’s Zero Trust Segmentation in place to contain and limit the spread of a breach, the business is assuredly more resilient, the head of IT security says.

“Adding Zero Trust Segmentation as a layer of protection limits the blast radius of a breach or ransomware attack on the business. Illumio undoubtedly strengthens our cyber resilience.”

The way Illumio Core visualizes connections and high-risk traffic has proven particularly valuable.

“Not only does the Illumio ZTS Platform give us amazing visualizations of application communications in real time, but it does so in a visually intuitive way,” says the IT security project analyst. “When I show the map to my team, it’s easy for anyone to understand, which helps us achieve consensus on required actions.”

Early progress, simplified management, and superior visibility and protection combine to give the insurer the assurance it needs for the inevitable — be it a breach or the next security audit.

Adding Zero Trust Segmentation as a layer of protection limits the blast radius of a breach or ransomware attack on the business. Illumio undoubtedly strengthens our cyber resilience. Head of IT Security Health Insurance Provider