Case Study: Accor Hotels achieves SSL visibility and database security with Imperva SecureSphere

Accor Uses Imperva To Secure Web Applications and Databases

Accor North America, which operates more than 1,200 hotels and receives over half its reservations online, faced a security blind spot: SSL encryption that protected customers also hid malicious traffic from its intrusion-prevention system. Harvey Ewing, Accor’s IT security director, was concerned that attackers could use SSL tunnels to bypass existing perimeter firewalls and IPS protections.

Accor deployed Imperva SecureSphere’s Web application firewall and database gateway to inspect SSL traffic in real time and protect several hundred gigabytes of customer data across Oracle, SQL Server and Informix systems. The WAF was rolled out in half a day and learned normal vs. suspicious patterns in under a week, providing application-level alerts, SQL-injection protection, monitoring/auditing for PCI compliance, and minimal performance impact.

Accor Hotels

Harvey Ewing

IT Secutiry Director