QBE Strengthens Zero Trust Posture With Illumio

With a 135-year history marked by a commitment to customers and innovation, QBE is one of the world’s largest global insurers. As operations span Australia, Asia Pacific, Europe, and North America, the scope and scale of the company’s compute estate continues to expand. The move to hybrid multi-cloud data centers and an increasingly complex application environment required QBE to think differently about how to protect the organization and its customers.

Further compounded by the rising threat of ransomware in the industry, a Zero Trust approach to security became front of mind for CISO Andrew Dell.

“We have partners inside our network, service providers that are in the cloud, and other networks connected to us,” Dell explains. “So, we need to think differently about controlling access to our data and our applications, how we reduce risk, and what technologies will help get us to a Zero Trust model.”

A focus on Zero Trust meant re-evaluating the company’s segmentation strategy. QBE relied on physical firewalls and virtual firewall appliances for segmentation, which proved to be “labor intensive and complex,” according to Dell. Firewall rulesets would become almost unmanageable for the team, potentially putting the very applications they were trying to protect at risk.

QBE needed microsegmentation for more efficient, granular control over dynamic environments. Future-proofing the business with a solution that would empower the organization to “go faster, safely” was critical.

“We are always looking for simple solutions to complex problems,” says Dell. He found exactly that in Illumio Core: a software-based microsegmentation solution that eliminates network segmentation headaches and provides the foundation for Zero Trust security — starting with visibility capabilities.

Illumio’s real-time application dependency map showing traffic flows between workloads wherever they run delivered quick value. “The initial attraction was really the simplicity,” recalls Dell. “Having the ability to span the physical and the virtual and present insights in a highly resolved fashion is a game-changer. It enabled us to be more efficient with our resources and planning right away.”

Equipped with the understanding needed to segment confidently, the team set out to tackle “crown jewel” applications first.

According to Nick Venn, global collaboration and cyber infrastructure manager at QBE, “Since Illumio policies are independent of underlying infrastructure, we get greater and granular security and performance. And the best thing is the policy can now follow the workload, so we don’t have to worry about recreating policies or re-architecting the network. That flexibility is absolutely essential.”

These efficiencies translate into years saved for QBE.

“For an organization of our size and scale and complexity, traditionally rolling out an equivalent solution was a multi-year proposition,” says Dell. “But with Illumio, we had production assets enforced and under control in months, fulfilling our need to move faster and further our Zero Trust posture.”

The team also realizes time savings in previously labor-intensive tasks. “Illumio Core enables us to roll out firewall changes much faster than before,” adds Venn. “Previously, it would be days or weeks. Now it’s minutes or hours.”

QBE relies on the product’s ease of management, which allows them to “focus on protecting the organization, rather than thinking about how we schedule downtime or get investment for new hardware,” says Dell.

With microsegmentation in place, QBE can stop the lateral movement of ransomware or attackers, minimize impact, and ultimately respond quicker and recover faster.

The ability to plug in other services has also been a “real force multiplier” over time, explains Venn.

“The map grew legs when we overlaid vulnerability data from our scanner software,” Venn says. “This allows us to see what applications are connecting to vulnerable ports, then make a business decision and a cyber decision to determine what needs to be closed.”

Today, Illumio continues to help drive collaboration and the need to think differently. Security and application infrastructure teams are much more aligned since they can understand and address risks to applications like never before. As a result, Venn concludes, “cybersecurity has become part of the answer rather than being a problem.”