How FICO gained visibility and control to secure its atomized network
By the Netography team
Most people think of FICO as a credit reporting company, but today the company has innovated to become a leading analytics software company with its award-winning digital decision platform that helps organizations optimize their interactions with customers in real time. Businesses in more than 90 countries, including half of the world’s 100 largest banks and a third of the largest US retailers, use FICO to support their decisions and thrive. It is therefore essential that the underlying infrastructure remains secure and optimized.
Recently, Matt Wilson, VP, Product Management, Netography, sat down with Shannon Ryan, Senior Director, Core Security Services and Architecture, FICO, to discuss how Shannon and his team use the Netography Fusion platform and operational, technological and commercial advantages. they live.
Shannon set the stage by explaining that FICO operates in a highly regulated environment, so compliance with the Payment Card Industry Data Security Standard (PCI-DSS) and other frameworks and regulations is essential. The combination of network discovery and strong segmentation policies for validation and visibility had served them well in their on-premises environment. But when the company started moving to multi-cloud, gaining visibility and control to secure its atomized network and stay compliant became much more complicated. That’s when they turned to Netography for help.
Below are some of the highlights of the three ways FICO is scoring big with the Fusion platform. For more details on their selection, implementation and use of the platform, as well as a demo, watch the replay.
- Operational: To achieve its network and cloud security goals, FICO needed to quickly deploy a system that could provide instant visibility into its hybrid environment of multi-cloud and on-premises infrastructure and devices. Since Fusion is SaaS-based, there was no hardware, no software, nothing to install. FICO was up and running in minutes. Describing the Fusion platform as “a go-to operational mechanism for many people,” Shannon explains how centralized visibility and visualization through an intuitive dashboard helps security and product teams save time and effort. so that they can get things done quickly. Instead of the old way of running reports at night, they can see what’s happening on their atomized network in real time. The Netography Query Language (NQL) is similar to the languages they already use with other products, so the learning curve was minimal. In less than 30 minutes, new users can be up and running and drill down to detect threats and network issues.
- Technology: Appliance-based models that rely on deep packet inspection (DPI) weren’t going to work in FICO’s hybrid environment from cost, manageability, and compliance perspectives, especially at large scale. As Shannon explained, hardware is expensive to deploy and maintain, and encryption requires traffic to be decrypted which must then be securely stored until re-encrypted. Additionally, they realized that data feeds provided answers to questions such as, “Who is talking to whom?” On what port? Is it blocked or not? Where does this data go? “. That’s all the team really needs to quickly understand what’s going on in the network and resolve issues. FICO takes advantage of out-of-the-box detection models provided by Netography and also builds its own threat models that include unique geographic information, custom IP reputation data, and other indicators related to specific threats and vulnerabilities that affect them. concern. Netography’s robust set of APIs makes it easy to integrate this data into the Fusion platform, automate alerts and detection, and define response policies.
- Company: Shannon discussed their return on investment (ROI), including several examples of how they reduced time to mitigation or resolution, saved costs, and improved their customers’ experience with the Fusion platform. From a security perspective, they proactively detected threats from red teaming and penetration testing exercises, configured threat detection templates, and applied those templates in their hybrid environment with just a few clicks. On the networking side, Fusion enabled them to quickly understand and address costly data transfer spikes in seconds, as well as detect and resolve network and device connectivity issues as FICO reconfigures offices for a new hybrid working model. Fusion also helps with compliance, allowing teams to answer questions from auditors in minutes, such as proving the segmentation of development and production environments. FICO even provides mechanisms for its clients to create “auditor confidence”.
Watch the replay now for more details on how Netography Fusion is helping FICO secure its atomized network.