Article

How an Italian insurance company squashed security threats in the cloud

Cisco helps Sara Assicurazioni stay secure in a rapidly-changing age of work.
How an Italian insurance company squashed security threats in the cloud
Oct 17, 2022

In the last few years, the landscape of IT security operations has witnessed more change in a shorter timeframe than ever before in history. Robust, interoperable, scalable security measures aren’t just desirable; they’re requirements to stay in business for industries worldwide. 

Businesses are expanding their digital reach, consumers demand extensive online access, and hybrid/remote work models have employees spread wide across geographic locations. The weight of these demands has even Fortune 100 companies struggling to adapt to a new connected world. So how can small and medium-sized businesses keep up with the security needs of these rapidly-changing ways of working? 

To better understand the challenges and how to tackle them, consider the case of Sara Assicurazioni. Sara is a premier insurance company with more than 600 employees and  agency offices spread over 1500 points of sale. After years of using on-premises data solutions and disparate third-party security packages, they recognized the need for a significant change. 

A Secure Migration to the Cloud 

Sara’s first requirement for any update was to protect the highly sensitive information of the company and their clients.  

Leadership assessed that moving data and compute power from on-premises systems to a cloud-enabled network was necessary to efficiently address the needs of employees, consumers, and local offices—they also knew that this move presented a certain amount of risk. With more and more businesses moving to cloud-based infrastructure, organized threats to systems are constantly evolving.  

As things stood, security was not up to par. A hyper-local legacy approach led to an infrastructure of silos using different (and often incompatible) vendors for their security solutions. This setup had already created frustration with Sara’s internal IT security staff, but now it was exposing attack surfaces and unknowable threats since no single team had line-of-sight into all the security systems in place. 

Turning adversity into advantage, Sara used the migration as an opportunity to close loopholes and streamline security operations in the same move. The shift to the cloud enabled them to release their third-party security solutions and bring the entirety of the organization under the same roof of protection from external and internal threats. 

“Since the infrastructure is now cloud-based, we had to change our mindset regarding cybersecurity as well. It was important to have the people, the process, the organization, and the technology under the same security umbrella,” 
- Luigi Vassallo, Sara’s chief operating officer and chief technology officer. 

Zero Trust Powers a Dispersed Workforce 

In the hybrid-work world, employees need to work and connect from anywhere. Regardless of location and device, employees and partners can connect to the new cloud-based network. Sara’s infrastructure includes three different types of system users: internal employees, agency offices spread over 1500 points of sale across Italy, and Sara’s insurance customers. Visibility into this diverse user base poses a big challenge for its small security team. 

To answer, they partnered with a security provider with expertise in cloud technology who could protect the organization and users with a comprehensive solution and facilitate advanced security architectures like Zero Trust: the process of constantly authenticating connections and maintaining clear line-of-sight into the activities from each connection. 

This combination of unified security and secure connectivity enables the members of a security team to monitor the entire network for threats and address those threats with a single set of tools.  

Creating a Resilient Cloud-Based Business 

For Sara, the measurable business value was immediately apparent. In their updated cloud and increased system visibility, the time spent on threat investigation was cut by 20%.  

Today, Sara maintains approximately 2,000 endpoints controlled by Cisco technology, which intercepted 400 threats in a single month. By validating suspicious files, the security team thwarted sophisticated threats while analyzing 3 million different files and blocking ~1,000 invalid transactions. With a unified security team fluent in tools that access the entire IT ecosystem, security problems are proactively identified and resolved in a matter of hours instead of days. 

“I'm quite confident that our security posture is now many times better because we are leveraging more scalable, state-of-the-art security solutions. Thanks to Cisco, when I explain where we are to our stakeholders and board members, I can reassure them that we are in control.” 
- Luigi Vassallo, Sara’s chief operating officer and chief technology officer. 

To find out more about how you can evaluate your security needs, visit this page

###

Related content: