Ransomware attacks on companies with personal information are more frequent than ever. The attacks can block all computers, and thus all digital communication, with the attacker demanding a ransom to unblock them. The only way to avoid falling victim to these attacks is to work with cybersecurity in a consistent and structured way. Insurance companies are typical examples of businesses that handle a lot of critical and personal information on a daily basis in their internal networks. It is of course highly important to make sure that leakage of such information is not possible, as this could have devastating effects both businesswise and on a personal level. Therefore, it is highly necessary that insurance companies protect critical and personal information with appropriate cybersecurity solutions.
Attacks on insurance companies
It is vital that insurance companies protect critical and personal information, as that kind of information could be targeted by an attacker. An example of an insurance company that has been attacked is Chubb. Chubb is a leading provider of cyber insurance products, dealing with forensics, incident response and investigation costs, data loss and restoration, crisis communications and public relations among other things. Chubb was targeted by the Maze ransomware group in March 2020, who claimed to have encrypted the firm’s systems and threatened to release stolen data if a ransom was not paid.
How insurance companies protect critical and personal information
To upgrade security and avoid leakage of information, a major European insurance company approached Advenica. To secure their internal data centers, where the critical and personal information is handled, a filtering solution was installed.
Advenica ZoneGuard technology allows secure information exchange between separate systems, with access based on the insurance company’s defined policies and tuned for their specific systems. By using Advenica’s ZoneGuard, all information is validated and transformed, which means that sensitive information stays within the protected network and malicious code cannot spread.
The insurance company now sends syslog information from the secure network, via Advenica’s ZoneGuard, to the SOC (Security Operation Center) system. Advenica’s ZoneGuard is a perfect extension to the customer’s SOC/SOCaaS implementation, to assure that only defined allowlisted data, which complies to their tailored policies, is allowed to enter or leave a network domain. This shows how Advenica’s ZoneGuard can be customised for special requirements in customer networks.
Secure extracting of performance and reporting data
Another way of providing a secure way to export performance values, monitoring and network management data without opening any channel that could compromise the servers in the data center, is to let it be handled by Advenica Data Diode DD1000i, including SMTP, SNMP and SYSLOG services.
The benefits of this solution are:
- Secure one-way data transfer without sacrificing domain integrity
- No malicious reverse traffic or access physically possible
- Allows more flexible role-based operation
Would you like to know about how to secure data centers? Read our solution description!
Do you need help? Do not hesitate to contact us, and we will help you!