This 150-year-old company based in North America specializes in property and casualty insurance. The trust of their customers is critical to the business and protecting customer data is key to protecting their brand and reputation.
The company’s security strategy is managed by its information security group. Responsibility for complying with security policies falls to each of the 35 individual business units, which the information security group supports. This group historically has used IBM Guardium™ Database Activity Monitoring (DAM) for data compliance and governance.
As the company continued to grow, and the pressures of regulations and expectations of customers grew along with them, there was a notable internal priority shift from compliance to security use cases. The company’s Senior Governance Specialist shared how “customers were increasingly considering their own potential risks when determining what insurance services to use. Combined with the added complexity of regulations such as GDPR, CCPA, and NYFDS, and the very visible data breaches in the news, it was critical for us to stay ahead of it.” The new security emphasis created a significant focus on proactively managing the detection and prevention of unauthorized activities around sensitive data. This meant the IBM Guardium™ tool they originally implemented to satisfy compliance requirements was re-evaluated for its data security potential.
The critical business requirements evaluated included coverage for additional databases that Guardium™ did not support, elimination of the manual labor that traditionally comes with security incident response, and easy access to long-term audit information for reporting and potential forensic investigation. The company chose to implement Imperva Sonar as the best option to meet these requirements, optimize their current investment in Guardium™, and accelerate their approach to data security.
The Imperva Sonar platform reduces the costs of Guardium™ while expanding capabilities. The platform leverages agentless collection methods to deliver greater database coverage, reduce manual operations, and provide richer, actionable security intelligence. For companies with mature database security programs, Imperva Sonar can integrate seamlessly with existing investments in IBM Guardium™, saving money on hardware and operations costs, while gaining threat intelligence and comprehensive support for cloud databases.
The company’s Senior Governance Specialist shared that “once he learned about Imperva Sonar he thought we’d be crazy not to go this route.” Before Imperva Sonar, the team used to collect raw data from Guardium™ and perform all data classification, search, analysis, and change reconciliation manually. They would then individually distribute .csv logs out to 150 different people across database, security, and compliance teams. The insurance company has since migrated a majority of its manual reporting operations into automated workflows driven by Imperva Sonar. This change alone has reduced their administrative workload by 90% and lets them focus on introducing more advanced security practices.
By leveraging Imperva Sonar, the team can orchestrate their end-to-end processes around sensitive data. Specifically, they automate their production data edit process and have fully integrated their ticketing system, ServiceNow™, so all alerts and requests are assigned to the relevant owners without the information security team needing to be the middleman. In addition, they utilize Imperva Sonar’s machine learning algorithms to automatically perform behavioral analysis and easily identify any data access events that are outside of the normal activity.
Looking forward, the company is in the process of beginning a fairly large deployment
of MarkLogic®️. This database is not supported by their Guardium™ DAM solution, but
with Imperva Sonar they can easily support MarkLogic®, plus other new databases, and
deploy their data security strategy across the new workloads with no change to their