When it comes to safeguarding the financial data of over a million people in a highly regulated industry, there’s a lot to be said for having multiple layers of protection. For Mercury® Financial, there’s nothing more important than implementing a fully integrated security ecosystem for creating resiliency and peace of mind for us and our customers.
Mercury Financial provides over $4.7 billion in credit lines to customers who are eager to improve their credit so they can live better lives. We at Mercury Financial pride ourselves on what makes us different: we leverage advanced technology to deliver a better credit card experience while adhering to strict Payment Card Industry Data Security Standard (PCI DSS) regulations.
Since we adopted a zero-trust architecture, we’ve experienced what can happen when security vendors are synchronized: the results are beyond our expectations.
Integrated security solutions are a force multiplier
Recently, we knew it was time to reevaluate our security solutions and take a holistic approach to our zero-trust strategy. Our legacy solutions had major stability issues, and the lack of support from the vendors took significant time away from our internal team, who, already short on time, were left on their own to identify and remediate security issues resulting from increasingly sophisticated attacks.
We needed to consolidate and update our security tooling. We dug into industry reports from leading analysts to learn how the latest endpoint and workload solutions compared, as we wanted the most robust and flexible solution for our 100% cloud-native environment. Hands down, Zscaler and CrowdStrike were the category winners in their own right. The two solutions were exactly what we were looking for. Both are cloud-native security solutions with comprehensive solution platforms, advanced artificial-intelligence (AI)-driven threat detection and response, automated remediation, and market-proven implementations.
Best of all, our Zscaler Zero Trust Exchange platform integrates seamlessly with CrowdStrike to protect the whole picture. Now, we have shared data and cross-platform workflows, where we can get both a high-level and detailed view of our security posture across the board, with layered defenses in the endpoint and network environment. This significantly reduces our time to threat detection and response.
Shared telemetry and threat intelligence
Regardless of whether Zscaler or CrowdStrike detects a threat first, they both share that threat vector, so we have cross-coverage, and the threat is mitigated on both ends. For example, CrowdStrike shares threat intelligence with the Zscaler platform, which mitigates the threat on the network layer by proactively blocking malicious URLs. The result is a proactive threat prevention approach that minimizes the attack surfaces in the environment. This is one of the biggest benefits of this integration.
Zscaler incorporates high-confidence malicious URLs from CrowdStrike’s indicator of compromise (IoC) database into what’s called a Custom URL category, and subsequent attempts to access these URLs by any users are blocked automatically. Better threat intelligence sharing creates a better defense.
In addition, we have strengthened access control to selected, critical applications by leveraging the device posture control integration between CrowdStrike and Zscaler. From inside the Zscaler platform, we configured policies based on CrowdStrike’s Zero Trust Assessment (ZTA) score for the devices to provide discrete access to applications, as well as authentication to the applications. This reduces the possibility of any suspicious devices becoming an attack vector. Zscaler can also be configured to trigger a containment response. Let’s suppose an endpoint tries to download a questionable executable. Since Zscaler sits inline, enforcing all security policies, it checks against its security engines to determine whether the executable is benign or malicious. If it cannot glean enough information to do so, the file is detonated in Zscaler Sandbox, so its actions can be observed and analyzed.
Through API integration, CrowdStrike works in tandem with Zscaler. When Zscaler Sandbox deems a file malicious, it automatically passes that information to CrowdStrike, which identifies and quarantines infected endpoints.
The results speak for themselves
Thanks to these integrations, we have strengthened our security environment without compromising user experience or business enablement. We’ve reduced the time we spend on IT support-related tickets by 76% and multiplied the efficiency of our nimble security team. Since deployment, we’ve had minimal downtime from malware or ransomware. And we’ve shrunk the attack surface on our Amazon Web Services (AWS) accounts, reducing our blast radius and the potential for lateral movement. We've measured our ability to remediate as an exponential gain.
Not only did the CrowdStrike and Zscaler solutions individually meet our expectations, the integrations are icing on the cake and have further expanded visibility across security layers, reduced troubleshooting time, and enabled our team to work more effectively. Both solutions are among the key pillars of our ongoing effort to achieve zero trust security.
What’s more, the security technology convergence this platform provides gives our organization a competitive edge in the marketplace and makes us stand out among other financial services enterprises. After all, using advanced technology to deliver a better credit card experience is what we’re all about.
Read the case study to take a deeper dive into how Mercury Financial is using the Zscaler Zero Trust Exchange as not just a solution, but as a methodology to drive its expanding zero trust initiative, step up its security, and support its position as an innovative leader in financial services.