Case Study

Experian gains unified view of global security with Prisma Cloud


The world’s leading global information services company, Experian, gains a unified view of global security with Prisma Cloud in financial services, enabling the team to shut down 50% of open accounts that were deemed unnecessary, streamlining issue resolution with automated alerts, employing a true DevSecOps pipeline with balance of controls for the security team and flexibility for the DevOps team, and consolidating security management across multiple CSPs into a single pane of glass.


In brief

Customer

Experian

Industry

Financial Services

Country

Ireland

Products and Services

Credit services, decision analytic and marketing assistance

Organization Size

17,800


Challenge

Consolidate disparate security tools across CSPs and manage risk at speed to support a global DevSecOps pipeline.

Requirements
  • The solution had to be simple, completely cloud-agnostic, and offer a unified view across CSPs.
  • The solution needed to be cloud native, built to leverage the capabilities of the cloud.
  • The solution provider had to share Experian’s vision of moving quickly in an ever-changing market to help the company stay ahead of the changes.
Solution

Experian selected Prisma® Cloud by Palo Alto Networks to gain a unified view of global security, employ a true DevSecOps pipeline with balance of controls for the security team and flexibility for the DevOps team, and to consolidate security management across multiple CSPs into a single pane of glass.

Download PDF Share

Crucial visibility and control

Experian—perhaps best known for its role in consumer credit ratings—operates as an innovative technology company, helping its clients manage and analyze massive amounts of data. The company is focused on integrating and standardizing technology across the organization, creating building blocks to streamline global application development to help them better service their global customers.

It is important for the company to get a single view of their organizational risks.

With Prisma Cloud, the security team now has the visibility and control that are critical to their operations. The Cloud Native Security Platform has provided a unified view of security and compliance posture across the full cloud native stack, making life a lot easier for everyone involved. “Security has the visibility they require and application teams have the flexibility that they desire,” says Chetan Jha, Experian Chief Product and Cloud Security Officer.

quote

With Prisma Cloud we have a unified view across more than 500 cloud accounts all over the world. Its APIs help account admins get real-time updates on alerts with step-by-step instructions to remediate them. Prisma Cloud gives account owners all the tools they need to fix their issues without having to rely on anyone else.

– Chetan Jha, Chief Product & Cloud Security Officer, Experian

An ambitious project

Experian helps people and enterprises across the globe manage and analyze massive amounts of data to make better informed decisions.

The IT leadership team at Experian wanted to provide the maximum flexibility to its developers to choose the best cloud service provider (CSP) to meet their specific business requirements and needs, including number of accounts, extraneous constraints or local regulatory requirements. Jha says his team is focused on providing a secure base for those business units to work from.

Experian’s internal, integrated platform is based on open source and built on a hybrid cloud approach to provide flexibility to development teams. Developers can deploy applications on-premises or in Google Cloud Platform (GCP™), Amazon Web Services (AWS®), or Microsoft Azure®. Likewise, they are able to deploy at their own pace.

“We take security very seriously. It’s a single security organization that sets the policies, does the governance, and enables the business to meet all the regulatory requirements and business requirements across the globe,” Jha says.

It was clear that they needed a partner to help move at the speed required to maintain innovation.

Prisma Cloud

CHALLENGE

An inherent issue

The productization project involved migrating existing workloads as well as building new applications in a containerized model. From the outset, the team worked hard to set up a DevSecOps pipeline to integrate security into any apps built on the internal platform.

The team members understood that quick advances are inherent to the cloud—capabilities and services roll out on a frequent basis. Additionally, there are developers and business units on nearly every continent, all of which could open a CSP account at any time, creating visibility and configuration management challenges. Also, of course, industry and regulatory compliance are constant requirements.

Experian didn’t want to dedicate resources just to coordinate all of the disparate security tools across CSPs and slow down DevSecOps. They needed help to bridge the gaps and aggregate all of the data they were generating.

quote

When we looked at Prisma Cloud, it wasn't just the tool or the capabilities that they have today, it was the roadmap that they have, the vision that they have. And that makes a huge difference—because this is a journey.

– Chetan Jha, Chief Product & Cloud Security Officer, Experian

REQUIREMENTS

Three criteria

Jha says the search for a partner was predicated on three criteria:
  • The solution had to be simple. “I believe that complexity is inversely proportional to security,” he says. He wanted a solution that was completely cloud-agnostic and offered a unified view across CSPs.
  • The solution needed to be cloud native, built to leverage the capabilities of the cloud. “I have come across many on-prem tools that have been retrofitted and marketed as a ‘cloud tool.’ I have enough experience to know those just won’t work in the long run,” Jha says.
  • The solution provider had to share Experian’s vision. “When we looked at Prisma Cloud, it wasn’t just the tool or the capabilities that they have today, it was the roadmap that they have, the vision that they have. And that makes a huge difference—because this is a journey,” says Jha. “In this ever-changing market, we have to move very fast. We need a partner that can help us stay ahead of the changes,” he continues. “When we saw Prisma Cloud, we were convinced that it met these criteria. So, the decision was simple.”

quote

Prisma Cloud made the digital transformation very simple for us. This was important because complexity is opposite to security. We were able to onboard almost 500 accounts onto Prisma in three months—and nobody expected that.

– Chetan Jha, Chief Product & Cloud Security Officer, Experian

SOLUTION

Continuous, comprehensive coverage across the entire lifecycle and tech stack

Prisma Cloud by Palo Alto Networks, the Cloud Native Security Platform, provides continuous multi-cloud visibility, governance, detection, and prevention, offering comprehensive cloud native security across the entire lifecycle and technology stack.

quote

Prisma Cloud hasn't taken something pre-existing and put it in the cloud. The product is built for the cloud.

– Chetan Jha, Chief Product & Cloud Security Officer, Experian

BENEFITS

A unified view of business risk

With Prisma Cloud, Jha and his team now have the visibility and control that are critical to their operations.

Onboarding was enlightening thanks to Palo Alto Networks. Using Prisma Cloud, Jha and his team discovered exactly how many CSP accounts they had in service — including many unnecessary open accounts. This is a common trend at most organizations.

Jha knew it wasn’t malicious, however. “Many employees create accounts without understanding the complications it presents. Many times they relate it to a SaaS model, where they just open it and everything is taken care of by the vendor. The concept of a shared services model for security isn’t on their radar.”

Still, he says this was part of the reason they began the DevSecOps pipeline process. “The business units have their own needs, and their own pace at which they need to move. And we provide that flexibility. We needed a partner to help us abstract all of it, so that when we look at the risk, we can look at it across the enterprise and not in silos for each CSP or business unit.”

Not only was the onboarding helpful; it was swift. “We were able to onboard hundreds of accounts in Prisma in a short amount of time—and nobody expected that,” Jha says.

Prior to using Prisma Cloud, the security team had difficulty simply taking inventory of all of the accounts. Now, they’re able to identify any account and specify if it was opened without the proper controls. “That gives us a complete visibility of the risk across all these accounts,” says Jha.

One feature of particular importance is the ability to easily see at a glance how many accounts have systems access that is not actually required. That used to be a huge challenge, but with APIs connected to Prisma Cloud, it is very simple.

In addition, Jha says, the “APIs help account admins get real-time updates on alerts with step-by-step instructions to remediate them. Prisma Cloud gives account owners all the tools they need to fix their issues without having to rely on anyone else.”

Prisma Cloud has provided a unified view of security and compliance posture across the full cloud native stack, making life a lot easier for everyone involved. “Security has the visibility they require, and application teams have the flexibility that they desire,” Jha says. “I can say that I am quite confident I know every account that Experian is using in the cloud. This is critical for enterprise security. Learn more about Prisma Cloud and how it can provide a unified view of security for your team. Visit paloaltonetworks.com/prisma/cloud.