Objetivos de negócios
Uma das maiores seguradoras gerais do mercado, sem dúvida, entende a importância de gerenciar riscos. A empresa oferece serviços de seguros comerciais e pessoais para quase 9 milhões de clientes.
Gerenciar seu próprio risco cibernético é fundamental para seu objetivo de tornar o mundo um lugar mais seguro.
Insurance firms are ripe for cyberattacks, with a wealth of policyholder data and personally identifiable information (PII) at stake. Accordingly, the company’s infrastructure and cloud services team has a definitive goal: stay out of high-profile breach news.
The insurer has a 160-year brand reputation to uphold, and 9 million reasons to invest in security capabilities that reduce cyber risk and enhance resilience to attacks. Accordingly, the company's infrastructure and cloud services team has a definitive goal: stay out of high-profile breach news.
Desafio tecnológico
Embora sejam parte integrante de seu impressionante crescimento, as fusões e aquisições da empresa expandiram a superfície de ataque híbrido da seguradora. Apesar dos processos de due diligence, o risco é inerente à atividade M & A.
"Ao analisar nossos ambientes, descobrimos a necessidade crítica de corrigir as vulnerabilidades não corrigíveis dos sistemas adquiridos - e em geral", explica um gerente executivo de serviços de infraestrutura e nuvem da empresa. "Controles de segurança mais rígidos foram vitais para proteger melhor nossos aplicativos e ativos de alto valor."
“Since implementing Illumio, we've taken 5,000 exploitable vulnerabilities down to 9 across seven high-value applications and hundreds of workloads. It has proven to be invaluable to our risk mitigation strategy.”
Executive Manager of Infrastructure and Cloud Services
Anonymous Large Insurance Company
The team sought microsegmentation to protect the application workloads underpinning the business and to limit exposure to vulnerabilities.
They had specific requirements for a safe, seamless approach that would not break applications or threaten uptime. That's where Illumio came in.
Como a Illumio ajudou
The insurer turned to Illumio Segmentation, which ticked all the boxes for “safe and seamless” in its proof of concept. Illumio’s Zero Trust Segmentation has proven value in spades since deployment.
Ao controlar rigorosamente o tráfego para aplicativos essenciais aos negócios, a seguradora eliminou milhares de vulnerabilidades e reduziu sua superfície de ataque explorável em 99%.
"Since implementing Illumio, we've taken 5,000 exploitable vulnerabilities down to 9 across seven high-value applications and hundreds of workloads," the executive manager says. "Illumio has proven to be invaluable to our risk mitigation strategy."
Illumio's real-time traffic map serves as a constant source of security, helping the infrastructure and cloud services team understand connections between applications and visualize the impact of policies before applying them.
“Zero Trust Segmentation with Illumio Segmentation is a simple process,” explains the executive manager. “From an operational perspective, our number one goal is to never break production, which we achieved with Illumio. Our cyber operations governance board is extremely pleased.”
"From the beginning, there was a sense that the Illumio team would do whatever it takes to support our team. Time and again, they've proven exceptional in their responsiveness, expertise, and partnership."
Manager of Security Services
Anonymous Large Insurance Company
Resultados e benefícios
With segmentation controls as a foil against vulnerabilities and attackers, the company has gained assurance that the business’s high-value assets are protected.
A equipe também vê o Illumio Core como complementar a outras ferramentas, particularmente sua detecção e resposta de terminais (EDR) do CrowdStrike.
"A segmentação de confiança zero e o EDR nos proporcionam uma abordagem poderosa em duas frentes para a defesa contra ataques", diz um gerente de serviços de segurança. "Sabemos que o Illumio impedirá proativamente que uma violação de dados se espalhe, e o EDR poderá então fazer seu trabalho de detectá-la e responder a ela."
The team is strategizing on how they will leverage more Zero Trust Segmentation capabilities in the future and know they can always count on Illumio’s partnership.
“From the beginning, there was a sense that the Illumio team would do whatever it takes to support our team,” he says. “Time and again, they’ve proven exceptional in their responsiveness, expertise, and partnership.”
