About the client
Established in 2007, the client is a Lloyd’s Syndicate managing agent for the principal business within a multinational non-life insurance and reinsurance group. In 2014, the client received permission from Lloyd’s to begin underwriting live business, enabling it to diversify into new insurance and reinsurance markets.
The client is one of the leading providers of legacy solutions through Reinsurance to Close (RITC) of open years. Today, the Syndicate underwrites a broad range of insurance and reinsurance business, including Property Treaty, Financial Institutions, and Professional Indemnity.
The client has a long relationship with Northdoor for the provision of ongoing IT guidance, solutions and support.
The Head of IT at the client explains,
“We have a large in-house IT team that handles our day-to-day systems, but we turn to Northdoor whenever we need additional research or new technology – basically, anything out of the ordinary that requires specialist knowledge and expertise.
“In our regular quarterly review with Northdoor, the conversation turned to security. We were concerned about the risk of cyber-attacks such as hacking or malware, which could lead to financial loss, potential fines, and reputational damage.”
The client already had a number of security measures in place, such as an externally-managed firewall and ongoing penetration testing. It had also adopted a virtual desktop infrastructure (VDI), partly for user convenience and productivity, but also for the ability to lockdown user desktops and prevent rogue software installation. The company wanted to further improve its security stance and to gain the ability to quickly identify and neutralise any threats that got past its powerful existing protective measures.
Implementing a further line of defence
Northdoor listened to the client’s security concerns and facilitated a trial installation of a security suite from its partner Varonis, a security software specialist and part of Northdoor’s “Protect IT” solutions portfolio. Like Northdoor, Varonis has a strong reputation in the London Market, and the client was impressed by Varonis’ previous work.
The Head of IT says,
“Varonis ran a free 30-day trial of the full solution on our network and presented a final report, which convinced us to put together a business case and secure investment. We were particularly attracted by the ability of the Varonis solution to catch ransomware in progress.”
With the help of Varonis, the client implemented Varonis DatAdvantage, which monitors file activity and alerts operators to abnormal user behaviour, helping to prevent data breaches. The solution not only identifies sensitive unstructured data, but also shows administrators who is accessing it, where it is vulnerable, and how to shut attackers out. Furthermore, DatAdvantage detects stale data that is no longer being used – enabling companies to save disk space and avoid potential compliance issues – and simplifies permissions management and auditing.
The client also deployed Varonis DatAdvantage for Directory Services, enabling greater visibility of Active Directory (AD) changes with auditing and reporting. Meanwhile, Varonis IDU Data Classification Framework offers further context around sensitive, over-exposed data to aid protection.
Finally, the client deployed Varonis DatAlert Suite, which uses behaviour-based threat analytics to detect suspicious activity and triggers alerts across multiple platforms – helping the client’s IT team to tackle issues such as misconfigurations and potential security breaches.
Increased security and manageability
With the Varonis solution in place, the client can spot attacks as they happen and shut out unauthorised users as quickly as possible, providing an additional line of defence against cyber-attacks, malware and other malicious activity on its network.
The Senior Systems Administrator at the client comments:
“Thanks to Northdoor and Varonis, we now have an even more fool-proof cyber security system. Not only does the Varonis solution guard against the possible financial loss or fines that stem from cyber-attacks, but it also cements our reputation as a secure organization – and with such high levels of security in place, we have greater peace of mind than ever before.
“What’s more, if an authorized user accidentally locks themselves out of a system, we are alerted almost instantly – often we’ve already rectified the situation before the user comes to us, minimising the loss of productivity.”
The Head of IT adds,
“That is just one example of the solution’s usability. It delivers numerous features to simplify security management, such as the option to simulate bulk changes to AD so we can clearly see who loses access if we change the permission settings. We can also schedule changes and then automatically revert back to the original settings if anything unexpected occurs.”
The client concludes,
“With the help of Northdoor’s guidance and Varonis’ software, we are now better equipped than ever to deal with threats to our cyber security. Looking ahead, we will continue to call on Northdoor for advice and assistance in the areas where we lack internal expertise.”
Insurance cyber security toolkit
For this customer, the Northdoor cyber security solutions we deployed included:
- Northdoor advisory services
- Varonis DatAdvantage
- Varonis DatAdvantage for Directory Services
- Varonis DatAlert Suite
- Varonis IDU Data Classification Framework
- Varonis implementation and support services
For more information and to learn more about our Cyber Security Advisory and Protection Solutions for the insurance market, please request a free consultation: