Meeting with customers is always insightful, and recently I got a chance to sit down with Aaron McKeown, head of security engineering and architecture at Xero, to talk about how they use Imperva SecureSphere for their cloud-hosted applications.
Founded in 2006, Xero provides cloud accounting software to small businesses. The company, which has over one million subscribers in more than 180 countries, is scaling quickly. After experiencing a significant period of growth, they decided to move from legacy infrastructure to a cloud data-hosting environment.
McKeown: While we had grown to be hugely successful on our previous infrastructure, we migrated to AWS’ data-hosting environment to enable us to scale to meet the needs of millions of customers.
Our systems are busiest on the first and twentieth of the month and in the days leading up to tax filing deadlines. We needed a data-hosting environment that would enable us to scale out our servers to meet high user demand times and deliver more consistent performance to our customers, even during the busiest times of the day.
Aaron McKeown, head of security engineering and architecture at Xero
McKeown: When we began our migration to AWS, we developed a detailed security architectural plan, which outlined the five key tenets to our security architecture. One of those was covered by Imperva and the protection of our web application stack. Not only did Imperva provide the protection we needed, but Imperva SecureSphere gave us a high degree of environmental control and was customizable to meet the needs of our application stack.
McKeown: Deploying Imperva SecureSphere further fortifies the layer of protection between Xero’s users and its application that protects them against the OWASP Top 10 web security risks. Imperva SecureSphere also enables the virtual patching of applications against new vulnerabilities as soon as they are discovered.
McKeown: At Xero, protecting and defending our systems and environment against today’s sophisticated cyber attacks is of critical importance. Imperva is helping us do this without compromising speed or the deployment of innovative features. We’ve developed a strong relationship with Imperva and see them more as a security partner rather than a vendor.