1) An insurance company needed to securely share customer personal identity information with partner banks through their insurance processing application without changing their network or software. 2) They tried using Windows native IPsec but faced implementation challenges due to platform differences. 3) They installed Apani EpiForce software, which encrypted data in transit and complied with all security requirements transparently without changes. This provided an efficient end-to-end solution to protect personal identity information shared with banks.

1. CUSTOMER CASE STUDY
Insurance Industry
Overview “The key features in EpiForce
Insurance company succeeds
at protecting PII and complying allowed us to implement network
with banking partner security
requirements, without changing
security across all the platforms we
the network infrastructure have, and it was up and running in
hours, not weeks.”
or modifying the insurance
software application
Industry: Insurance Information Security Officer
Customer Profile:
A mortgage insurance leader, BACKGROUND
this company has been in This extremely successful insurance company generated over $3B in net
business for more than 30 years, revenue last year by providing to banks a variety of options for mortgage
and provides services to the top insurance, as well as other contract underwriting and real estate related
banking partners in the United
services.
States. For security reasons,
anonymity was requested for
this case study. This insurance company leverages technology to streamline their business
interaction with partner banks and increases productivity by providing them
access to an insurance processing application. An employee from the bank
will remotely log onto the insurance processing server and enter a customers
personal identity information (PII). In real time the insurance software
application processes the customer data and sends an evaluation report back
to the bank regarding the customer’s qualifications and suggested insurance
policies.
The loan processing application is hosted, at the insurance company, on servers
in the DMZ. The servers are also connected through a firewall to corporate
servers on the internal network.
CHALLENGE
The insurance company had it’s own security requirements and compliance
regulations. The banking partners had similiar compliance regulations but they
had their own set of security requirements.
© 2010 Apani, All rights reserved. All marks are the property of their respective owners.

2. CUSTOMER CASE STUDY
Insurance Industry
The primary objective was to find a way to satisfy all of the security
requirements and compliance regulations while protecting PII.
INVESTIGATION
The software application described above was custom developed for the
insurance company. It runs on multiple platforms and basically requires
little interaction from the IT department. In addition to meeting the security
requirement, the other solution requirements were:
• No or minimal changes to the software application
• No changes to the hardware/OS platforms
“EpiForce hides • No significant ongoing management costs
the complexity The servers and clients in this architecture were all running some form of
of the network Microsoft operating system. The insurance company first attempted to use
segmentation the IPsec and PKI (Public Key Infrastructure) functionality native to Windows
2000. This idea seemed perfect because it didn’t require upgrades.
and encryption
from the users.” However, it was soon discovered that one of the key components of the
application was running on a Windows NT 4.0 server, which does not support
– Information Security Officer IPsec. The insurance company decided to address this issue separately and to
go ahead with a trial using IPsec.
IPsec needs a system which can issue X.509 certificates. Security policies can
then be applied, based on those certificates. During the testing, it quickly
became apparent that this proposal was going to be much more complicated
than initially expected. The insurance company soon faced a number of
implementation issues surrounding private keys, software licensing, policy-
based IPsec throughout the network and ongoing IT support for modifications
and updates to the policy. Faced with all of these challenges, as well as the fact
that the trial installation was not working properly and did not cover all servers,

3. CUSTOMER CASE STUDY
Insurance Industry
Solution: the insurance company decided to look for a better plan.
Apani® EpiForce® software
protected personal identity SOLUTION
information by encrypting EpiForce software is used to selectively encrypt data between the servers.
data in transit to and from the EpiForce uses a centrally managed Administration Server and Agents to set
partner bank and control security policies simply and easily. Once in place, there is little
administrator intervention required, and changes to policies can be made and
distributed quickly and automatically. Another key element in deciding to use
EpiForce was that it runs on the network layer and is agnostic to the application.
It is transparent to the end user, as well as the systems on which it runs,
Benefits: making it ideal for use in the DMZ, through the firewall and on internal servers
as well.
• EpForce software complied
with all of the security and
In addition, EpiForce not only achieved compliance for the Windows 2000
compliance requirements
servers, but also met the needs for the legacy NT 4.0 systems. Using an Apani
• Implementation was Guardian appliance as a “bump-in-the-wire,” the software application was
simple and quick on over secured from end to end.
20 servers
BENEFITS
• Transparent to existing
EpiForce helped the insurance company secure their internal network and
applications, requiring no
code rewrites personal identity information in transit to and from the partner bank. EpiForce
achieved this resolution with little impact to the network or applications.
• Low ongoing maintenance
requirements • Apani provided an efficient, cost-effective solution that accomplished the
goals quickly, without taxing IT department resources.
• EpiForce provided a
complete, end to end • Installing EpiForce allowed the insurance company to continue its business
solution and revenue stream uninterrupted by security problems.
• EpiForce provided a scalable solution that can address future system
requirements without adding complexity or requiring expensive upgrades.
• EpiForce provided a complete, end to end solution for this company’s data
protection requirements.

4. CUSTOMER CASE STUDY
Insurance Industry
ABOUT APANI
Apani is the provider of cross-platform server isolation solutions for large
enterprises. Apani’s solution isolates and secures the communication between
servers and endpoints without regard to operating system or physical location.
Apani EpiForce, the company’s flagship product, is a software-based alternative
to using firewalls and VLANs inside the corporate network. EpiForce enables
two powerful disciplines—logical security zoning and policy-based encryption
of data in motion. EpiForce is a distributed, centrally-managed solution that
is transparent to users, applications and infrastructure – making it quicker to
deploy and less costly to manage than hardware-centric solutions. Policy
enforced by EpiForce is persistent, which enables protected resources to be
relocated without compromising security.
Providing an evolutionary improvement in efficiency, flexibility, manageability and
total cost of ownership, Apani technology is used by much of the Fortune 500.
Based in Southern California, Apani was founded in 2003 and is privately held.
More information about the company may be found at www.apani.com.
For More Information
To learn more about EpiForce and Apani,
United States +1.714.674.1600
United Kingdom +44 (0)118 9298060
www.apani.com.
004cs0610v2