Technology Category
- Cybersecurity & Privacy - Database Security
- Infrastructure as a Service (IaaS) - Cloud Databases
Applicable Industries
- National Security & Defense
- Telecommunications
Use Cases
- Cybersecurity
- Tamper Detection
Services
- Cybersecurity Services
- System Integration
About The Customer
Accor North America is a leading hotel company based in Dallas. It operates more than 1,200 hotels across North America, including popular chains like Motel 6, Red Roof Inns, Novotel, and Sofitel. The company heavily relies on its online reservation system, with more than half of its reservations coming through the web. Therefore, the security of its online system is of paramount importance to the company. Accor had multiple layers of defense in place, including an intrusion-prevention system and a perimeter firewall, but was seeking an additional layer of protection to guard against potential SSL-related break-ins.
The Challenge
Accor North America, a Dallas-based hotel company operating more than 1,200 hotels, was facing a significant challenge with its online reservations system. Despite having multiple layers of defense, including Secure Sockets Layer (SSL) encryption, the company was concerned about the potential for SSL to be exploited by malicious hackers. SSL, while excellent for protecting consumer information, could also provide a cover for hackers trying to infiltrate the system. More than half of Accor's reservations were made through the web, making the security of this system crucial. The company had an intrusion-prevention system and a perimeter firewall in place, along with standard server hardening techniques. However, the potential vulnerability of the SSL tunnel was a significant concern.
The Solution
To address this challenge, Accor turned to Imperva Inc., a data security firm based in Foster City, California. Accor implemented Imperva's SecureSphere database security gateway and Web application firewall to protect both its Internet front end and its back-end databases. The Web application firewall allowed Accor to monitor SSL-encrypted traffic as it streamed in, with minimal performance cost. Imperva was chosen over its competitor, Teros Inc., due to its faster breakdown of SSL sessions. The firewall was also programmed to learn to differentiate between normal and suspicious traffic, a process that took less than a week. Additionally, the firewall offers application-level security, alerting managers immediately if it detects that an application wasn't coded using best security practices. The database gateway is used to protect several hundred gigabytes of customer data stored on various databases against attacks such as SQL injections.
Operational Impact
Quantitative Benefit
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
Related Case Studies.
Case Study
Vodafone Hosted On AWS
Vodafone found that traffic for the applications peak during the four-month period when the international cricket season is at its height in Australia. During the 2011/2012 cricket season, 700,000 consumers downloaded the Cricket Live Australia application. Vodafone needed to be able to meet customer demand, but didn’t want to invest in additional resources that would be underutilized during cricket’s off-season.
Case Study
SKT, Construction of Smart Office Environment
SK T-Tower is the headquarters of SK Telecom. Inside the building, different types of mobile devices, such as laptops, smartphones and tablets, are in use, and with the increase in WLAN traffic and the use of quality multimedia data, the volume of wireless data sees an explosive growth. Users want limitless Internet access in various places in addition to designated areas.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.