Imperva Case Studies PayFlex Enhances Web Application Security and Visibility with Imperva

Edit This Case Study Record

	PayFlex Enhances Web Application Security and Visibility with Imperva Imperva

PayFlex Enhances Web Application Security and Visibility with Imperva

Imperva

Technology Category	Cybersecurity & Privacy - Application Security Cybersecurity & Privacy - Network Security
Applicable Industries	Healthcare & Hospitals National Security & Defense
Applicable Functions	Product Research & Development Quality Assurance
Use Cases	Supply Chain Visibility Tamper Detection
Challenge	PayFlex, a third-party administrator that works directly with employers to administer their benefit spending accounts, COBRA and Transit programs, faced a significant security challenge. The company provides consumers with a specialized debit card for medical transactions, which necessitates the storage of debit card numbers and claim data. This convenience, however, is balanced by potential security and regulatory considerations. PayFlex has a responsibility to uphold the highest security standards to protect its customers and their employees. Regulatory compliance is a major consideration for PayFlex, as it must contend with PCI and HIPAA standards. PCI mandates basic network security controls to protect cardholder data, and HIPAA standards require that enterprises prevent health information from being leaked. The liability for a breach is expensive, reaching up to $1.5 million since the implementation of the HITECH Act. Read More
About Customer	PayFlex Systems USA, Inc. is a third-party administrator that works directly with employers to administer their benefit spending accounts, COBRA and Transit programs. The company has been in business for the past 20 years and is based in Omaha, Nebraska. PayFlex provides consumers with a specialized debit card for medical transactions, including co-pays and drug purchases. This service necessitates the storage of debit card numbers and claim data, making security and regulatory compliance a major consideration for the company. PayFlex is committed to upholding the highest security standards to protect its customers and their employees. Read More
Solution	To address these challenges, PayFlex deployed the Imperva SecureSphere Web Application Firewall. This solution provided much-needed visibility into PayFlex’s applications and complemented PayFlex’s Secure Development Lifecycle. SecureSphere delivers total visibility into data access and usage, and its easy-to-use interface provides granular policy creation and enforcement to prevent unauthorized access or changes to data. The solution fits with PayFlex's current infrastructure and development processes, and it was able to meet compliance and security requirements quickly. The Web Application Firewall (WAF) serves as a safety net in case bad code slips through the cracks, despite the company's efforts to teach developers proper coding techniques. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Application Security

Cybersecurity & Privacy - Network Security

Applicable Industries

Healthcare & Hospitals

National Security & Defense

Applicable Functions

Product Research & Development

Quality Assurance

Use Cases

Supply Chain Visibility

Tamper Detection

Challenge

PayFlex, a third-party administrator that works directly with employers to administer their benefit spending accounts, COBRA and Transit programs, faced a significant security challenge. The company provides consumers with a specialized debit card for medical transactions, which necessitates the storage of debit card numbers and claim data. This convenience, however, is balanced by potential security and regulatory considerations. PayFlex has a responsibility to uphold the highest security standards to protect its customers and their employees. Regulatory compliance is a major consideration for PayFlex, as it must contend with PCI and HIPAA standards. PCI mandates basic network security controls to protect cardholder data, and HIPAA standards require that enterprises prevent health information from being leaked. The liability for a breach is expensive, reaching up to $1.5 million since the implementation of the HITECH Act.

About Customer

PayFlex Systems USA, Inc. is a third-party administrator that works directly with employers to administer their benefit spending accounts, COBRA and Transit programs. The company has been in business for the past 20 years and is based in Omaha, Nebraska. PayFlex provides consumers with a specialized debit card for medical transactions, including co-pays and drug purchases. This service necessitates the storage of debit card numbers and claim data, making security and regulatory compliance a major consideration for the company. PayFlex is committed to upholding the highest security standards to protect its customers and their employees.

Solution

To address these challenges, PayFlex deployed the Imperva SecureSphere Web Application Firewall. This solution provided much-needed visibility into PayFlex’s applications and complemented PayFlex’s Secure Development Lifecycle. SecureSphere delivers total visibility into data access and usage, and its easy-to-use interface provides granular policy creation and enforcement to prevent unauthorized access or changes to data. The solution fits with PayFlex's current infrastructure and development processes, and it was able to meet compliance and security requirements quickly. The Web Application Firewall (WAF) serves as a safety net in case bad code slips through the cracks, despite the company's efforts to teach developers proper coding techniques.

Impact #1	The deployment of the Imperva SecureSphere Web Application Firewall has significantly bolstered PayFlex's web application security and visibility. The solution has not only met compliance and security requirements quickly but also fits seamlessly with the company's current infrastructure and development processes. The easy-to-use interface of SecureSphere has facilitated granular policy creation and enforcement, effectively circumventing unauthorized access or changes to data. This has provided an additional layer of protection against potential incidents, thereby reinforcing the company's commitment to uphold the highest security standards for its customers and their employees.

Impact #1

The deployment of the Imperva SecureSphere Web Application Firewall has significantly bolstered PayFlex's web application security and visibility. The solution has not only met compliance and security requirements quickly but also fits seamlessly with the company's current infrastructure and development processes. The easy-to-use interface of SecureSphere has facilitated granular policy creation and enforcement, effectively circumventing unauthorized access or changes to data. This has provided an additional layer of protection against potential incidents, thereby reinforcing the company's commitment to uphold the highest security standards for its customers and their employees.

Benefit #1	Fast time to deployment
Benefit #2	Enhanced application visibility
Benefit #3	Complements PayFlex’s Secure Development Lifecycle

Benefit #1

Fast time to deployment

Benefit #2

Enhanced application visibility

Benefit #3

Complements PayFlex’s Secure Development Lifecycle

Download PDF Version

Overview

PayFlex Enhances Web Application Security and Visibility with Imperva

Operational Impact

Quantitative Benefit