Hotel Chain Accor Enhances Security with Imperva's Solutions

• Cybersecurity & Privacy - Database Security
• Infrastructure as a Service (IaaS) - Cloud Databases

• National Security & Defense
• Telecommunications

• Cybersecurity
• Tamper Detection

• Cybersecurity Services
• System Integration

Accor North America, a Dallas-based hotel company operating more than 1,200 hotels, was facing a significant challenge with its online reservations system. Despite having multiple layers of defense, including Secure Sockets Layer (SSL) encryption, the company was concerned about the potential for SSL to be exploited by malicious hackers. SSL, while excellent for protecting consumer information, could also provide a cover for hackers trying to infiltrate the system. More than half of Accor's reservations were made through the web, making the security of this system crucial. The company had an intrusion-prevention system and a perimeter firewall in place, along with standard server hardening techniques. However, the potential vulnerability of the SSL tunnel was a significant concern.

Accor North America is a leading hotel company based in Dallas. It operates more than 1,200 hotels across North America, including popular chains like Motel 6, Red Roof Inns, Novotel, and Sofitel. The company heavily relies on its online reservation system, with more than half of its reservations coming through the web. Therefore, the security of its online system is of paramount importance to the company. Accor had multiple layers of defense in place, including an intrusion-prevention system and a perimeter firewall, but was seeking an additional layer of protection to guard against potential SSL-related break-ins.

To address this challenge, Accor turned to Imperva Inc., a data security firm based in Foster City, California. Accor implemented Imperva's SecureSphere database security gateway and Web application firewall to protect both its Internet front end and its back-end databases. The Web application firewall allowed Accor to monitor SSL-encrypted traffic as it streamed in, with minimal performance cost. Imperva was chosen over its competitor, Teros Inc., due to its faster breakdown of SSL sessions. The firewall was also programmed to learn to differentiate between normal and suspicious traffic, a process that took less than a week. Additionally, the firewall offers application-level security, alerting managers immediately if it detects that an application wasn't coded using best security practices. The database gateway is used to protect several hundred gigabytes of customer data stored on various databases against attacks such as SQL injections.

• The implementation of Imperva's SecureSphere database security gateway and Web application firewall has significantly enhanced Accor's security measures. The ability to monitor SSL-encrypted traffic with minimal performance cost has added a crucial layer of protection to the company's online reservation system. The firewall's ability to differentiate between normal and suspicious traffic, along with its application-level security features, has further strengthened Accor's defenses. The database gateway is effectively protecting customer data stored on various databases against potential attacks. Additionally, the monitoring and auditing capabilities of the SecureSphere appliances are helping Accor comply with Payment Card Industry data security standards, as required by credit card vendors.

• The firewall was rolled out in just half a day, demonstrating a quick implementation process.
• The firewall was programmed to learn to differentiate between normal and suspicious traffic in less than a week, indicating a fast learning process.
• Accor purchased two SecureSphere appliances for $50,000 each, providing a cost-effective solution for monitoring and auditing database activity.