Imperva Case Studies Insurance Company Streamlines Data Security with Imperva Sonar, Reducing Administrative Effort by 90%

Edit This Case Study Record

	Insurance Company Streamlines Data Security with Imperva Sonar, Reducing Administrative Effort by 90% Imperva

Insurance Company Streamlines Data Security with Imperva Sonar, Reducing Administrative Effort by 90%

Imperva

Technology Category	Cybersecurity & Privacy - Database Security Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries	Finance & Insurance National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Cybersecurity Tamper Detection
Services	Cybersecurity Services System Integration
Challenge	The North American insurance company, with a history of 150 years, was facing a significant shift in its security strategy. As the company grew, so did the pressures of regulations and customer expectations, leading to a shift from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use. This, combined with the added complexity of regulations such as GDPR, CCPA, and NYFDS, and the very visible data breaches in the news, made it critical for the company to stay ahead of it. The company was using IBM Guardium™ Database Activity Monitoring (DAM) for data compliance and governance. However, the new security emphasis created a significant focus on proactively managing the detection and prevention of unauthorized activities around sensitive data. This led to a re-evaluation of the IBM Guardium™ tool for its data security potential. The company needed a solution that could cover additional databases that Guardium™ did not support, eliminate the manual labor that traditionally comes with security incident response, and provide easy access to long-term audit information for reporting and forensic investigation. Read More
About Customer	The customer is a 150-year-old North American company specializing in property and casualty insurance. The company's security strategy is managed by its information security group, with the responsibility for complying with security policies falling to each of the 35 individual business units, which the information security group supports. As the company continued to grow, it faced increasing pressures from regulations and customer expectations, leading to a shift in focus from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use, making it critical for the company to stay ahead of security threats. Read More
Solution	The company chose to implement Imperva Sonar as the best option to meet these requirements, optimize their current investment in Guardium™, and accelerate their approach to data security. The Imperva Sonar platform reduces the costs of Guardium™ while expanding capabilities. The platform leverages agentless collection methods to deliver greater database coverage, reduce manual operations, and provide richer, actionable security intelligence. For companies with mature database security programs, Imperva Sonar can integrate seamlessly with existing investments in IBM Guardium™, saving money on hardware and operations costs, while gaining threat intelligence and comprehensive support for cloud databases. The insurance company migrated a majority of its manual reporting operations into automated workflows driven by Imperva Sonar. This change alone has reduced their administrative workload by 90% and lets them focus on introducing more advanced security practices. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Database Security

Infrastructure as a Service (IaaS) - Cloud Databases

Applicable Industries

Finance & Insurance

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Cybersecurity

Tamper Detection

Services

Cybersecurity Services

System Integration

Challenge

The North American insurance company, with a history of 150 years, was facing a significant shift in its security strategy. As the company grew, so did the pressures of regulations and customer expectations, leading to a shift from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use. This, combined with the added complexity of regulations such as GDPR, CCPA, and NYFDS, and the very visible data breaches in the news, made it critical for the company to stay ahead of it. The company was using IBM Guardium™ Database Activity Monitoring (DAM) for data compliance and governance. However, the new security emphasis created a significant focus on proactively managing the detection and prevention of unauthorized activities around sensitive data. This led to a re-evaluation of the IBM Guardium™ tool for its data security potential. The company needed a solution that could cover additional databases that Guardium™ did not support, eliminate the manual labor that traditionally comes with security incident response, and provide easy access to long-term audit information for reporting and forensic investigation.

About Customer

The customer is a 150-year-old North American company specializing in property and casualty insurance. The company's security strategy is managed by its information security group, with the responsibility for complying with security policies falling to each of the 35 individual business units, which the information security group supports. As the company continued to grow, it faced increasing pressures from regulations and customer expectations, leading to a shift in focus from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use, making it critical for the company to stay ahead of security threats.

Solution

The company chose to implement Imperva Sonar as the best option to meet these requirements, optimize their current investment in Guardium™, and accelerate their approach to data security. The Imperva Sonar platform reduces the costs of Guardium™ while expanding capabilities. The platform leverages agentless collection methods to deliver greater database coverage, reduce manual operations, and provide richer, actionable security intelligence. For companies with mature database security programs, Imperva Sonar can integrate seamlessly with existing investments in IBM Guardium™, saving money on hardware and operations costs, while gaining threat intelligence and comprehensive support for cloud databases. The insurance company migrated a majority of its manual reporting operations into automated workflows driven by Imperva Sonar. This change alone has reduced their administrative workload by 90% and lets them focus on introducing more advanced security practices.

Impact #1	By leveraging Imperva Sonar, the team can orchestrate their end-to-end processes around sensitive data. They automate their production data edit process and have fully integrated their ticketing system, ServiceNow™, so all alerts and requests are assigned to the relevant owners without the information security team needing to be the middleman. They also utilize Imperva Sonar’s machine learning algorithms to automatically perform behavioral analysis and easily identify any data access events that are outside of the normal activity. Looking forward, the company is in the process of beginning a fairly large deployment of MarkLogic®️. This database is not supported by their Guardium™ DAM solution, but with Imperva Sonar they can easily support MarkLogic®, plus other new databases, and deploy their data security strategy across the new workloads with no change to their underlying infrastructure.

Impact #1

By leveraging Imperva Sonar, the team can orchestrate their end-to-end processes around sensitive data. They automate their production data edit process and have fully integrated their ticketing system, ServiceNow™, so all alerts and requests are assigned to the relevant owners without the information security team needing to be the middleman. They also utilize Imperva Sonar’s machine learning algorithms to automatically perform behavioral analysis and easily identify any data access events that are outside of the normal activity. Looking forward, the company is in the process of beginning a fairly large deployment of MarkLogic®️. This database is not supported by their Guardium™ DAM solution, but with Imperva Sonar they can easily support MarkLogic®, plus other new databases, and deploy their data security strategy across the new workloads with no change to their underlying infrastructure.

Benefit #1	90% reduction in administrative workload
Benefit #2	Multi-year audit data retention with sessions & exception data for 1 year and instance data for 2+ years
Benefit #3	Actions taken in seconds, leading to greater reporting timeframes

Benefit #1

90% reduction in administrative workload

Benefit #2

Multi-year audit data retention with sessions & exception data for 1 year and instance data for 2+ years

Benefit #3

Actions taken in seconds, leading to greater reporting timeframes

Download PDF Version

Overview

Insurance Company Streamlines Data Security with Imperva Sonar, Reducing Administrative Effort by 90%

Operational Impact

Quantitative Benefit