Imperva Case Studies Securing Trading Environment with IoT: A Case Study of a Major US Financial Services Provider

Edit This Case Study Record

	Securing Trading Environment with IoT: A Case Study of a Major US Financial Services Provider Imperva

Securing Trading Environment with IoT: A Case Study of a Major US Financial Services Provider

Imperva

Technology Category	Application Infrastructure & Middleware - Database Management & Storage Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries	National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Cybersecurity Traffic Monitoring
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services
Challenge	The customer, a major US Financial Services Provider, part of a Global Fortune 500 Company, was facing several challenges in securing its trading environment. The company needed clear visibility into its database traffic to monitor activity and identify risks. It was crucial to secure customer data and transactions within the online trading environment. The company also needed to ensure the high performance and availability of the database and services that actively support online trading processes. The company was also looking to automate compliance and reporting capabilities for regulatory standards such as GLBA, HIPAA, HiTECH, FISMA, SCC, SOX, ISO 27001 and the NIST Cybersecurity Framework. Protecting sensitive customer and trading information from insider abuse was another challenge. The company also needed to control access to cloud apps and confidential client information, including rich policy enforcement and IP address whitelisting. Lastly, the company needed to prevent DDoS / DNS attacks from compromising the client website. Read More
About Customer	The customer is a major US financial services provider, part of a Global Fortune 500 Company. The company has been fulfilling clients’ investment needs for the last half century. The Financial Services Company manages $174 billion in fixed income and balanced assets for both institutions and private clients. The asset management firm relies on Imperva solutions to protect its trading processes by securing its web site, IT infrastructure and customer data—both in the cloud and on-premises. Read More
Solution	The company adopted several Imperva solutions to address its challenges. The Imperva SecureSphere Data Audit and Protection was used to provide clear visibility into database traffic and secure customer data and transactions. The Imperva Skyfence Cloud Access Security Broker for SaaS Apps was used to control access to cloud apps and confidential client information. The Imperva Incapsula was used for protection from DDoS / DNS attacks. The SecureSphere solution mitigates the risk to active trading by sniffing the database traffic in a non-inline mode without requiring an agent on the server. This solution provides a clear view of the data stream, enabling the company to monitor activity and identify risks. The Skyfence Cloud Access Security Broker provides visibility and control over cloud apps and access to trading data. The Incapsula solution protects the company's website from DDoS/DNS attacks. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Database Management & Storage

Infrastructure as a Service (IaaS) - Cloud Databases

Applicable Industries

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Cybersecurity

Traffic Monitoring

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

Challenge

The customer, a major US Financial Services Provider, part of a Global Fortune 500 Company, was facing several challenges in securing its trading environment. The company needed clear visibility into its database traffic to monitor activity and identify risks. It was crucial to secure customer data and transactions within the online trading environment. The company also needed to ensure the high performance and availability of the database and services that actively support online trading processes. The company was also looking to automate compliance and reporting capabilities for regulatory standards such as GLBA, HIPAA, HiTECH, FISMA, SCC, SOX, ISO 27001 and the NIST Cybersecurity Framework. Protecting sensitive customer and trading information from insider abuse was another challenge. The company also needed to control access to cloud apps and confidential client information, including rich policy enforcement and IP address whitelisting. Lastly, the company needed to prevent DDoS / DNS attacks from compromising the client website.

About Customer

The customer is a major US financial services provider, part of a Global Fortune 500 Company. The company has been fulfilling clients’ investment needs for the last half century. The Financial Services Company manages $174 billion in fixed income and balanced assets for both institutions and private clients. The asset management firm relies on Imperva solutions to protect its trading processes by securing its web site, IT infrastructure and customer data—both in the cloud and on-premises.

Solution

The company adopted several Imperva solutions to address its challenges. The Imperva SecureSphere Data Audit and Protection was used to provide clear visibility into database traffic and secure customer data and transactions. The Imperva Skyfence Cloud Access Security Broker for SaaS Apps was used to control access to cloud apps and confidential client information. The Imperva Incapsula was used for protection from DDoS / DNS attacks. The SecureSphere solution mitigates the risk to active trading by sniffing the database traffic in a non-inline mode without requiring an agent on the server. This solution provides a clear view of the data stream, enabling the company to monitor activity and identify risks. The Skyfence Cloud Access Security Broker provides visibility and control over cloud apps and access to trading data. The Incapsula solution protects the company's website from DDoS/DNS attacks.

Impact #1	The implementation of Imperva solutions has resulted in several operational benefits for the company. The agentless operation of SecureSphere mitigates the impact of security on active trading. The non-inline activity monitoring provides a clear view of the data stream, enabling the company to monitor activity and identify risks. The automatic reporting simplifies the demonstration of compliance against all standards. The company can now identify and quarantine risky users quickly, preventing or containing data breaches. The CASB provides visibility and control over cloud apps and access to trading data. The company can now whitelist mobile devices by individuals, ensuring only employees can access the company network. The protection from DDoS/DNS attacks prevents the missed opportunity costs (lost revenue and reputation) of website downtime.

Impact #1

The implementation of Imperva solutions has resulted in several operational benefits for the company. The agentless operation of SecureSphere mitigates the impact of security on active trading. The non-inline activity monitoring provides a clear view of the data stream, enabling the company to monitor activity and identify risks. The automatic reporting simplifies the demonstration of compliance against all standards. The company can now identify and quarantine risky users quickly, preventing or containing data breaches. The CASB provides visibility and control over cloud apps and access to trading data. The company can now whitelist mobile devices by individuals, ensuring only employees can access the company network. The protection from DDoS/DNS attacks prevents the missed opportunity costs (lost revenue and reputation) of website downtime.

Benefit #1	Agentless operation mitigates impact of security on active trading
Benefit #2	Non-inline activity monitoring provides clear view of data stream
Benefit #3	Automatic reporting simplifies demonstration of compliance against all standards

Benefit #1

Agentless operation mitigates impact of security on active trading

Benefit #2

Non-inline activity monitoring provides clear view of data stream

Benefit #3

Automatic reporting simplifies demonstration of compliance against all standards

Download PDF Version

Overview

Securing Trading Environment with IoT: A Case Study of a Major US Financial Services Provider

Operational Impact

Quantitative Benefit