Imagination Technologies secure their hybrid working future with Palo Alto Networks

Imagination Technologies Group has more than 25 years of experience in designing and licensing intellectual property (IP) processor solutions. Headquartered in the UK, the organisation’s computing, graphics, and artificial intelligence (AI) IP deliver security, performance, and low power consumption in the smallest area of silicon possible, enabling chip makers to develop new innovations in digital products.

Change is happening fast at Imagination. Revenues are climbing across all sectors and geographies. There is an ambitious drive to increase global headcount by more than 30% this year, from 800 to approximately 1,050 people.

However, cybersecurity had been lagging behind this change. A traditional reliance on fragmented point security solutions had made it difficult for the lean security team to manage a complete, unified picture of the security posture. Uncontrolled “shadow” security solutions had also flourished, especially in satellite offices with no dedicated IT resource.

Crucially, Imagination also needed to adapt to the post-pandemic world of hybrid working. Everyone needed the flexibility to work securely from anywhere, whether the silicon engineering team in China, or operations teams in the UK. But with an estate spanning more than 1,000 staff, 14 sites, and more than 12,000 devices, achieving that flexibility would be no easy task.

Backhauling traffic over the existing virtual private network (VPN) connections was inefficient, and poor latency undermined the user experience. Neither was it safe: routing remote and mobile user traffic directly to the internet without inspection risked undermining Imagination’s no-compromise security architecture. A fresh approach to securing remote working was needed.

Imagination identified their new workforce security platform would be required to:

• Enable 1,000+ people to work seamlessly and securely from whatever locations they might choose.
• Provide consistent security services and access to cloud applications – including public cloud, private cloud, and software as a service – through a common framework.
• Fully integrate the secure network access platform with their Cyber Transformation Programme infrastructure.

Palo Alto Networks Prisma Access is a vital component in Imagination’s connected Palo Alto Networks portfolio that underpins the company’s forward-thinking ‘Cyber Transformation Programme. The portfolio spans MLPowered Next-Generation Firewalls (NGFWs), Cortex XSIAM, Unit 42 Managed Threat Hunting, and a resident engineer.

“This is frictionless, no-compromise security at its very best,” says Paul Alexander, Director of IT Operations at Imagination, commenting on the portfolio. “Everything connects seamlessly with Palo Alto Networks – the technologies, the people, and the future roadmap.”

Prisma Access consolidates security in a cloud-native security service edge (SSE) platform. Granular controls connect Imagination’s users while behaviour-based continuous trust verifications reduce the attack surface when users connect.

Prisma Access provides universal security too, securing all apps at all times – including Imagination’s onpremises, internet-based, legacy, SaaS, and cloud-native apps. Paul explains, “This always-on, secure remote access provides 1,000+ users with a consistent user experience and continuous protection – regardless of location.” Prisma Access allowed Imagination to fully realise least-privileged access while reducing risk with continuous trust and threat verification for all users, devices, apps, and data. Paul continues: “During the pandemic, for example, we switched almost all employees immediately and securely to homeworking, without point hardware deployments.”

Imagination had deployed the GlobalProtect app before their more recent upgrade to Prisma Access. GlobalProtect allowed Paul and his team to establish access policies based on host information profile (HIP), enabling even more granular security policies tied to device characteristics – such as operating system, patch level, and the presence of required endpoint software – when accessing Imagination’s sensitive applications. “All of this is available in a common policy framework and single pane of glass,” he says.

Prisma Access is helping Imagination be more agile and productive in the post-pandemic hybrid working world. Its benefits include:

• Secure transformation: Despite an accelerating rate of change, Imagination’s IP and people are reliably protected from known and unknown threats. With Prisma Access, Imagination can realise least-privileged access while reducing risk for all users, devices, apps, and data. Paul comments, “We are never complacent. However, thanks to Palo Alto Networks, Imagination are extremely well defended against cyberattacks. We’re confident now.”
• People engagement and satisfaction support: The cloud-native architecture scales seamlessly, provides great performance, and ensures an exceptional user experience. All of this contributes to more satisfied teams. “Given the war on talent, this flexibility is an important component in helping to attract and retain the best talent,” says Paul.
• Agile security: The correlation of data between network, endpoint, and cloud security results in a more agile, intelligent security posture – and has led to a significant drop in the number of false positive alerts. “Even our most cynical critics now agree security is available in a single pane of glass,” says Paul.
• Simple, unified security: Imagination’s lean SecOps team are liberated from manual vulnerability management tasks to focus on more strategic issues. For example, single pane of glass visibility and management, consistent policy, and shared data for all users and apps all reduce the risk of a data breach.

The wraparound support team are also part of the Imagination fabric. Paul concludes, “We’re not just a small customer at a big supplier. Customer Success, Unit 42, and executive support are continually looking after our best interests.”