Imperva > Case Studies > Securing Government Web Applications: A Case Study of Israel Ministry of Finance e-Government Initiative

Securing Government Web Applications: A Case Study of Israel Ministry of Finance e-Government Initiative

Imperva Logo
Technology Category
  • Application Infrastructure & Middleware - Event-Driven Application
  • Sensors - Level Sensors
Applicable Industries
  • Cities & Municipalities
  • Telecommunications
Applicable Functions
  • Maintenance
Use Cases
  • Construction Management
  • Tamper Detection
Services
  • Cybersecurity Services
  • Training
About The Customer
The customer in this case study is the Israel Ministry of Finance e-Government Initiative, also known as the Tehila project. The Ministry of Finance is the main economic ministry of the Government of Israel and is responsible for planning and implementing the government's overall economic policy. In the early 1990s, the Israeli government formed the e-government program to harness information technology for the improvement of civil services to its citizens, private sector businesses, and other government bodies. One charter of the program was to connect each of the government ministries to the Internet to improve the delivery of information and services. As part of that effort, in 1997 the Ministry established the governmental Internet committee to set working regulations for building Internet sites and to assimilate information technology in government offices.
The Challenge
The Israel Ministry of Finance e-Government Initiative, also known as the Tehila project, was faced with the challenge of protecting sensitive applications and data from cyber-terror attacks while ensuring 24/7 access for visitors. The project was responsible for providing all government ministries and institutions with secure Internet services. The primary motive was to prevent cyber-terror attacks on sensitive applications and data. Tehila hosts and secures dozens of government web applications and needed to build a secure platform for these applications and data to appear on the Internet. Before Tehila, the sites were hosted by private ISPs at a very low security level and some were breached. The solution needed to be easy to deploy, not burden the staff with excessive maintenance, and provide reporting with a view into what was happening in their applications.
The Solution
Imperva’s SecureSphere Dynamic Profiling Firewall was chosen as the solution to the challenges faced by the Tehila project. In March 2005, Tehila began a four-month pilot program intended to protect several sensitive web applications. The key requirements for the project were low administrative overhead, performance to support multiple different sites, and visibility for technologists and managers. SecureSphere is currently protecting several sensitive web applications. The Tehila staff has already seen daily application-level attacks including SQL injections, cross-site scripting, buffer overflows and more. Some of the attacks were extremely sophisticated. Most importantly, the team has the ability to better understand each protected application and its level of threat. They can easily analyze attacks and constantly improve the level of security they provide.
Operational Impact
  • The implementation of SecureSphere has allowed the Tehila project to significantly improve the security of the government web applications it hosts. The solution has been able to protect against a variety of sophisticated attacks, including SQL injections, cross-site scripting, and buffer overflows. The team now has the ability to better understand each protected application and its level of threat, allowing them to constantly improve the level of security they provide. The solution has also met the key requirements of the project, including low administrative overhead, performance to support multiple different sites, and visibility for technologists and managers.
Quantitative Benefit
  • SecureSphere is currently protecting several sensitive web applications.
  • The Tehila staff has already seen daily application-level attacks including SQL injections, cross-site scripting, buffer overflows and more.
  • The team has the ability to better understand each protected application and its level of threat.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.