Overview

TechSoup Global, a nonprofit organization based in San Francisco, California, offers other nonprofits a one-stop resource for technology needs. The organization provides free online information, resources, and support. They also offer TechSoup Stock, a product philanthropy service where nonprofits can access donated and discounted technology products provided by corporate and nonprofit technology partners. The product donation program has enabled organizations to save over $1.4 billion in expenses as of June 2009.

Donations are often processed through credit cards, which makes the organization’s web-based transaction processing infrastructure a prime target for hackers. After an unsuccessful breach attempt, TechSoup felt it needed to go beyond traditional perimeter and desktop protection. A comprehensive evaluation of web application firewalls (WAFs) led TechSoup to select Imperva’s SecureSphere for its ability to provide operational visibility, with little overhead and no changes to the applications, and its ability to facilitate PCI compliance.

“We have a responsibility to protect the data for our vendors and our partners, and our clients and our employees,” explained Richard Collins who manages cyber security for TechSoup.

Business Problem

TechSoup Global’s web application servers handle sensitive data on a regular basis, including credit card information from donors. The volume of TechSoup transactions placed the organization in the Tier 4 merchant classification, which required the nonprofit to comply with strict Payment Card Industry (PCI) rules that govern the handling of personal data.

TechSoup’s small, but dedicated, application development and IT teams worked hard to maintain a secure environment using traditional firewalls and desktop security solutions. But in early 2009 a hacker launched an unsuccessful SQL injection attack, which attempted to gain access to sensitive data within the transaction processing application. As a result, TechSoup was forced to take its applications offline for two days, while staff tried to determine how the exploit was executed and remediate any weaknesses in the system.

“We did have a SQL injection issue about a year ago, and the SQL injection was unsuccessful in destroying or modifying or stealing any data. However, it did take us about two days of system downtime to deal with the forensics,” explained Collins. The attack caused TechSoup to search for an application security solution that would more effectively monitor and protect its applications from hackers and prevent the loss of sensitive data. As a nonprofit with limited resources, the solution also needed to be easy to use and deploy, and require no changes to applications or the network.

Technology Requirements

To protect its web-based transactions from hackers, TechSoup Global deployed SecureSphere Web Application Firewall.

SecureSphere delivered total visibility into data access and usage. Its easy-touse interface provided granular policy creation and enforcement to circumvent unauthorized access or changes to data residing on TechSoup’s web applications and databases. SecureSphere Web Application Firewall protects web applications and sensitive data against sophisticated attacks, such as SQL injection, cross-site scripting (XSS), and brute force attacks. It also stops online identity theft, and prevents data leaks from applications. Imperva’s Dynamic Profiling technology automatically builds a model of legitimate behavior and recognizes application changes over time, ensuring that SecureSphere’s security policies are up-to-date, and accurate, without manual tuning.

SecureSphere met TechSoup’s needs for flexible, non-intrusive deployment, and the ability to manage their environment with the smallest of footprints. The solution offers drop-in deployment, automated adaptable security, and low operational overhead. “The architectural flexibility was just what we needed,” says Collins. “We did deploy it in an inline mode, but we appreciated the fact that we could have deployed it in other modes.”

The Intelligent Choice for TechSoup Global

With the deployment of SecureSphere Web Application Firewall, TechSoup Global has gained operational visibility and control of its applications, ensuring a high level of trust among its nonprofit partners and donors. “Our comfort level is much higher knowing that Imperva is providing protection at the application level,” says Collins. SecureSphere has also helped us simplify PCI compliance by reducing annual pentesting requirements. SecureSphere has turned out to be a very good fit for us.”