Apani user profile - CIGNA
I recently had a chance to communicate with Joe Monday and Steve Thomas, both Directors at CIGNA, about their organization's selection and use of products from Apani Networks. Thanks for taking time out of your busy schedule Joe and Steve. Here's a summary of that conversation.
Please describe your organization and your role within the organization.
CIGNA Corporation and its subsidiaries serve 47 million people in the United States and around the world, providing employee benefits, expertise and services that improve the health, well-being and security of their employees. CIGNA Information Protection is the organization within CIGNA responsible for all aspects of data and infrastructure security. I am a Director, reporting directly to the chief information security officer (CISO). The CISO reports directly to the CIO. My team is closely aligned with our Security and Engineering & Standards team, and manages several key strategic projects.What issues were you facing that caused you to seek out this technology
We acquired a key application that lacked industry-accepted security controls in the data tier. The vendor was unable to offer any solution, or to promise any near term enhancements that would address the problem. Apani was able to restrict access to the data tier in a way that mitigated the risks.What competitive solutions did you evaluate before selecting this technology?
We looked at options constructed internally using hardware firewalls and IPSEC tunnels at the system (OS) levels. These were not practical, and did not allow flexibility for administrative people to have the access they required without a lot of overhead and lowering the effectiveness of the solution.Why did you select this technology over competitive offerings?
This technology was assessed to be cost effective in mitigating the risk, and in having minimal performance and reliability impact on the servers and applications involved.What tangible benefits have you gotten from the use of this technology?
We have been able to isolate traffic to data servers specifically to the requests made to them by their corresponding application servers. This has dramatically reduced the likelihood that individuals operating from client workstations or other servers would have the ability to directly access these data servers which are included in the vendor application which was provided with poor security. We can continue to operate the business critical application with minimal risk while we wait for the vendor to deliver native security improvements.What advice would you give others facing the same issues?
The Apani product is certainly a consideration where building isolation between servers, or subsets of systems is useful in solving security problems. Apani has proven to be a vendor that listens very well to concerns and suggestions, and takes the time to understand a potential customers environment and situation. Those qualities make them worth engaging.Who is Apani Networks?
Here's how the company describes itself:Apani® is the preeminent provider of cross-platform server isolation solutions for enterprise organizations, isolating and securing the communications between servers and endpoints without regard to operating system or physical location.
Apani EpiForce®, the company’s flagship product, is a software-based alternative to using firewalls, VLANs and access control lists inside the corporate network. EpiForce enables two powerful disciplines – logical security zoning and policy-based encryption of data in motion. EpiForce is a distributed, centrally-managed solution that is transparent to users, applications and infrastructure – making it quicker to deploy and less costly to manage than any hardware-centric solution. Policy enforced by EpiForce is persistent, enabling protected resources to be relocated without compromising security.
Snapshot analysis
Security is increasingly an important issue for organizations of all sizes. The creation of a comprehensive solution requires careful planning and the right selection of processes and tools. Apani's EpiForce may be a useful tool allowing organizations to address vulnerabilities within their network infrastructure. It appears that EpiForce can protect applications without requiring that they be reprogrammed.What's your organization doing to address the data security issue?