Many enterprises are undergoing a digital transformation — reinventing the way they do business to become more innovative and more responsive to customer needs. This often entails migrating applications to the cloud and increasing business agility by simplifying the IT infrastructure. Both were undoubtedly goals for Standard Insurance whose digital transformation initiative became so successful that ICMG, a leading full-service enterprise and IT architecture firm, awarded the company winner of “Best Architecture for IT Infrastructure” in 2018.
Standard Insurance, a nationwide provider of insurance and financial products in the Philippines had initiated a multiyear digital transformation project in 2016. The company was shifting to online selling and needed to evolve its aging backend software infrastructure. The system served the entire process of the insurance business, from application and proposal to policy issuance, administration, and claims—in other words, the lifecycle of the company. The new, custom-developed platform, though, still ran in the company datacenter. A system failure would represent an existential threat to the company; moving the insurance software to AWS became a priority.
Insurance agents and employees across sixty branches VPNed into the Makati headquarters to access the company’s insurance application. Those sites were secured by branch firewall appliances connected by telco-provided VPN services. But the lack of telco coverage meant that Alf Dela Cruz, First Vice President, Head of IT Infrastructure and Cybersecurity at Standard Insurance, and his team had to manage multiple provider relationships to deliver comprehensive branch connectivity. It was a headache.
Security was also a concern. The local firewall appliances needed to be upgraded, which was a constant expense, and were insufficient to protect the organization. After two ransomware incidents, the CEO demanded a dramatically improved security posture.
The complexity of the firewall appliances also complicated site deployments. “With a hardware firewall, we had to copy information to every site and make sure it stays updated, and whatever changes we make at the head office need to filter out to every branch,” says Dela Cruz.
In a Head-to-Head Evaluation, Cato Reduces Security Costs By Half
The IT team intended to replace the firewall appliances with on-premise next-generation hardware appliances, but while awaiting delivery of the new hardware, Dela Cruz heard about Cato.
“When we learned about the Cato solution, we liked the idea of simple and centralized management. We wouldn’t have to worry about the time-consuming process of patch management of on-premise firewalls,” he says.
Cato connects all enterprise resources — locations, cloud resources, and mobile users — to a common, optimized global backbone, which today is built from more than 42 PoPs across the globe. With all traffic on the Cato backbone, Cato applies a common security policy to protect all resources. Next-generation firewall (NGFW), secure web gateway (SWG), URL filtering, malware prevention — all are built into the Cato service. Cato MDR, a managed threat detection and response (MDR) service, offloads the resource-intensive and skill-dependent process of detecting compromised endpoints onto the Cato SOC.
Standard Insurance put its hardware acquisition on hold to evaluate Cato head-to-head. “We would easily spend double in terms of what we spend for Cato,” he says.
“The cost of the total solution Cato is providing us – including the centralized management, cloud-based monitoring, and reports – matches the cost of the firewall appliances alone. Then we would still need to add in the cost of appliance management and the advanced protection and other components of the firewalls.”
Cato Simplifies Network and Security Infrastructure
If Cato intrigued the Standard Insurance team with its low cost, Cato won the day with its AWS connectivity. Cato’s points of presence (PoPs) are co-located in the same physical datacenters as the IXPs of Amazon AWS, Microsoft Azure, and other cloud datacenter services, providing fast access to cloud resources across cloud providers and global regions. “Once we migrated our critical applications into the AWS cloud, we took Cato even more seriously because of their compatibility with the cloud network. This allows our branches to easily connect to the AWS cloud via the Cato network,” says Dela Cruz.
Implementing Cato also allowed Standard Insurance to shorten deployment times. Dela Cruz and his team could eliminate all branch firewalls and Internet-based VPNs, and instead, send a Cato Socket, Cato’s small SD-WAN device to each branch for a non-technical person can simply plug it in. Once the Socket connects to the Internet, the Cato network recognizes it, joining the Socket into the SD-WAN. The Socket inherits the global security policies Dela Cruz and his team have configured for the network. “We can set up a branch in minutes with Cato,” says Dela Cruz.
Enforcing one set of security rules in the cloud for all users and resources makes secure much easier to manage and update. Policies can also be customized to meet the needs of individual locations, users and more from the Cato management console. “The Cato management console is very easy to comprehend,” says Dela Cruz.
As for the users, Standard Insurance employees enjoy a better user experience. Previously, IPVPN bandwidth was limited to 1 Mbits/s.
“With Cato we increased Internet bandwidth by 10x, significantly improving performance without increasing costs,” says Dela Cruz.
Standard Insurance Looks Towards the Future with Cato
Standard Insurance will continue with its broader transformation efforts. Initiatives planned include implementing single sign-on (SSO) for all of its applications and numerous application changes. As for the infrastructure, Standard Insurance is looking to roll out more mobile clients to bring more dealers and agents onto the network.
“We are recommending Cato to our business partners,” says Dela Cruz. “We love that the solution is cloud-based, easy to manage, and less expensive than other options.”