Case Study
In brief
Imagination Technologies Group
Processor solutions for graphics, vision, and AI processing
Kings Langley, UK
Technology
US$125 million revenues (2020); 1,200+ staff worldwide
Gaps in security with inconsistent capabilities and policies depending on users’ physical locations increased data breach risk. Backhauling of traffic to the data centre for security enforcement created latency and undermined user experience.
Palo Alto Networks Prisma Access
CHALLENGES
Imagination Technologies Group has more than 25 years of experience in designing and licensing intellectual property (IP) processor solutions. Headquartered in the UK, the organisation’s computing, graphics, and artificial intelligence (AI) IP deliver security, performance, and low power consumption in the smallest area of silicon possible, enabling chip makers to develop new innovations in digital products.
Change is happening fast at Imagination. Revenues are climbing across all sectors and geographies. There is an ambitious drive to increase global headcount by more than 30% this year, from 800 to approximately 1,050 people.
However, cybersecurity had been lagging behind this change. A traditional reliance on fragmented point security solutions had made it difficult for the lean security team to manage a complete, unified picture of the security posture. Uncontrolled “shadow” security solutions had also flourished, especially in satellite offices with no dedicated IT resource.
Crucially, Imagination also needed to adapt to the post-pandemic world of hybrid working. Everyone needed the flexibility to work securely from anywhere, whether the silicon engineering team in China, or operations teams in the UK. But with an estate spanning more than 1,000 staff, 14 sites, and more than 12,000 devices, achieving that flexibility would be no easy task.
Backhauling traffic over the existing virtual private network (VPN) connections was inefficient, and poor latency undermined the user experience. Neither was it safe: routing remote and mobile user traffic directly to the internet without inspection risked undermining Imagination’s no-compromise security architecture. A fresh approach to securing remote working was needed.
REQUIREMENTS
Imagination identified their new workforce security platform would be required to:
SOLUTION
Palo Alto Networks Prisma Access is a vital component in Imagination’s connected Palo Alto Networks portfolio that underpins the company’s forward-thinking ‘Cyber Transformation Programme. The portfolio spans MLPowered Next-Generation Firewalls (NGFWs), Cortex XSIAM, Unit 42® Managed Threat Hunting, and a resident engineer.
“This is frictionless, no-compromise security at its very best,” says Paul Alexander, Director of IT Operations at Imagination, commenting on the portfolio. “Everything connects seamlessly with Palo Alto Networks – the technologies, the people, and the future roadmap.”
Prisma Access consolidates security in a cloud-native security service edge (SSE) platform. Granular controls connect Imagination’s users while behaviour-based continuous trust verifications reduce the attack surface when users connect.
Prisma Access provides universal security too, securing all apps at all times – including Imagination’s onpremises, internet-based, legacy, SaaS, and cloud-native apps. Paul explains, “This always-on, secure remote access provides 1,000+ users with a consistent user experience and continuous protection – regardless of location.” Prisma Access allowed Imagination to fully realise least-privileged access while reducing risk with continuous trust and threat verification for all users, devices, apps, and data. Paul continues: “During the pandemic, for example, we switched almost all employees immediately and securely to homeworking, without point hardware deployments.”
Imagination had deployed the GlobalProtect app before their more recent upgrade to Prisma Access. GlobalProtect allowed Paul and his team to establish access policies based on host information profile (HIP), enabling even more granular security policies tied to device characteristics – such as operating system, patch level, and the presence of required endpoint software – when accessing Imagination’s sensitive applications. “All of this is available in a common policy framework and single pane of glass,” he says.
BENEFITS
Prisma Access is helping Imagination be more agile and productive in the post-pandemic hybrid working world. Its benefits include:
The wraparound support team are also part of the Imagination fabric. Paul concludes, “We’re not just a small customer at a big supplier. Customer Success, Unit 42, and executive support are continually looking after our best interests.”