04:40 PM
Secure Perimeter
Like other European financial services companies, personal and commercial auto, homeowners and business insurer QUINN-direct (Cavan, Ireland; US$814 million in premium income) needed to become compliant with the European information security standard BS 17799, which was written by the U.K.'s Department of Trade and Industry, by early 2007. But the insurer decided to improve its e-commerce infrastructure in advance, believing that doing so would boost the confidence of customers who use the channel both for purchase and service.
In August 2005, the subsidiary of the QUINN Group (Derrylin, Northern Ireland), a diversified enterprise that deals in hotel and property management and construction materials, brought in Paul Randle as head of IT networks security to recommend necessary changes. Randle recommended tighter rules-based firewall and access controls for communications coming into the QUINN Group network; introduction of intrusion prevention system (IPS) measures to automate manual procedures; and implementing anomaly detection internally and at the perimeter. "The idea was to concentrate on bringing a secure exoskeleton to the company, and then to move onto the internal infrastructure to protect the main communications between the various elements of the company," he says.
In September 2005 Randle began testing 20 products, which he declines to name, by taking a feed of an external router copying all incoming and outgoing traffic to QUINN-direct. "I placed a hub on that and plugged each of the individual devices in so that they were all seeing exactly the same traffic," he relates.
The test focused on a 12-day period, during which all the systems were running and about 54 million alerts were generated, Randle says. NitroSecurity's (Portsmouth, N.H.) NitroGuard was the only product to pick up every single one, so QUINN-direct selected that product despite its higher cost. "The benefits we observed far outweighed the difference in cost," says Randle.
QUINN-direct implemented NitroSecurity devices at its network gateways in January 2006. "We started at about 11 p.m., racking the various appliances, then installing them in line, and updating all the rules and signatures," says Randle. "By 2 a.m. we had all the IPSs in line, up and running, and alerting."
Deep-Packet Inspection
Among the advantages of the NitroSecurity application is its ability to proof traffic before it reaches QUINN-direct's firewalls, according to Randle. "The IPS [devices] are also distributed throughout our e-commerce infrastructure so that we can see any traffic moving between its various layers," he says. NitroSecurity does "deep packet" inspection -- an examination of the internal content of packets -- of the traffic that gets past the firewalls, Randle adds.
Since implementation, the solution has run without a single failure of any of the devices, and management is happy with the product's reporting capabilities, according to Randle. "Due to the speed of the database back end, you can drill down into alerts very quickly so that you actually get as near to real-time reporting that I have ever come across," he says.
company
QUINN-direct (Cavan, Ireland; US$814 million in premium income).
lines of business
Personal and commercial auto, homeowners and business insurance.
vendor/technology
NitroSecurity (Portsmouth, N.H.) NitroGuard intrusion prevention system.
challenge
Improve network security to comply with the BS 17799 standard.
Anthony O'Donnell has covered technology in the insurance industry since 2000, when he joined the editorial staff of Insurance & Technology. As an editor and reporter for I&T and the InformationWeek Financial Services of TechWeb he has written on all areas of information ... View Full Bio