Case Study
In brief
A leading finance and insurance company
Financial services
Multinational with large Asia presence
A leading finance and insurance company sought a solution that could help gain visibility for Cloud Security Posture Management (CSPM) by consolidating multiple sites into a single tenant across the region.
CHALLENGE
This major finance and insurance company was making a concerted push to move to the cloud. The move was motivated mainly by a combination of the following: reduction in the legacy cost of maintaining conventional data centers, greater mobility of access, and the flexibility of being able to use platform-as-a-service (PaaS) applications on demand. As such, the organization was looking for a tool to monitor the cloud. Because the market offered a range of tools providing various types of monitoring, including configuration monitoring, cybersecurity monitoring, and alert monitoring, a third party was hired to compare and shortlist the solutions.
What began as a compliance and governance requirement expanded into image and container security management. The customer presented a rare case of an (almost) exclusively single cloud service provider user, and Prisma Cloud was deployed in the face of Azure-supplied native security tooling.
A primary challenge that needed to be addressed was the extensive visibility delivered with Prisma Cloud, which, in turn, can produce significant alerting noise. The organization wanted to maintain tight control of its alerting volumes through proactive policy management.
REQUIREMENTS
The Cloud security team had the following requirements:
SOLUTION
The customer was an early adopter of Prisma Cloud in the region, using it for CSPM across the ASEAN region. They consolidated multiple sites into a single tenant for a shared single pane of glass across the region.
According to the Cloud Security and Operations Manager, to overcome the challenge of alert fatigue, the customer worked closely with the Palo Alto Networks team and put in place strong internal controls defining how each cloud account would be adopted into Prisma. With this policy management strategy, they were able to control the flow of alerts and have never encountered alert fatigue, allowing them to channel actionable intelligence to their response team.
A refined compliance and governance framework has helped the customer maintain compliance across their Azure workloads. Selective management of policies and workflows has created a smooth internal process for maintaining cloud security posture.
The biggest value of using Prisma Cloud for us was the bird's-eye view of our entire environment and the thousands of workloads. From a compliance perspective, we can quickly log in to view everything from a single dashboard, which is pretty difficult to achieve if we use other tools. We have made sure that we maximize the utility we get from the tool.
BENEFITS
For this leading finance and insurance company, having visibility of their entire environment in a single dashboard provided the most benefit to them. This enabled them to identify and remediate any configuration or compliance issues in a timely manner. In addition, Prisma Cloud also enables ease of reporting to senior management to reassure them that CSPM is performing to expectations.
By deploying a strict internal control strategy, the organization gained more visibility without alert fatigue. With proactive policy management and Prisma Cloud, the organization was able to maintain tight control of its alerting volumes and channel actionable intelligence to the response team.
The customer has moved from one cloud account monitored for misconfigurations to protecting workloads across SE Asia. These include workloads from 15–20 regional sites in different countries, maintained and reported upon centrally.
Prisma Cloud supports more than 70 compliance frameworks out of the box, including PCI DSS and CIS benchmarks. This helped the organization remove the burden of manually mapping cloud configurations to the applicable compliance requirements, which vary depending on the location of the various sites. If anything in their cloud environment did not pass compliance checks, Prisma Cloud provided actionable feedback on how to remediate the issues.
With Prisma Cloud, the organization has achieved 99.52% compliance, a significant improvement from its previous compliance posture. This is no mean feat, as the Cloud Security and Operations Manager continually reiterates that this is “very difficult to achieve.” The team has confidence that Prisma Cloud will continue to help them achieve and maintain a high level of compliance.
The support that we have received from the Palo Alto Networks team is unrivaled. Beyond receiving a timely response to any query or issue, the customer success team is also extremely helpful when troubleshooting.
CONCLUSION
The partnership between the customer and Palo Alto Networks is one of collaboration. The organization and Palo Alto Networks are continually working together to gather feedback in order to drive feature upgrades that are requested by existing clients. As such, the client values the relationship and collaboration and regards Palo Alto Networks as one of its trusted partners.