Since its founding in 2016, Better has funded more than $100 billion in home loans and provided more than $38 billion in cumulative coverage via its insurance divisions. The company’s mission is to transform the mortgage industry and traditional lending services to make homeownership simpler, faster, and more accessible for all Americans.
As a digital-first homeownership company, Better is privy to customers’ financial histories. This highly sensitive data and management of customer and employee accounts must be kept secure. Data security is a key to building trust via Better’s hands-on customer service; state and federal regulators mandate it.
To ensure the highest level of security and ease of cross-platform integration—and to achieve the best ROI for its technology investment—Better employs Palo Alto Networks end-to-end security platforms. Year after year, the company has turned to Palo Alto Networks for its data security, cloud management and attentive, high-touch customer support.
As the company has grown and launched new online services for customers, Palo Alto Networks products are helping Better advance its mission and stay ahead of new threats while keeping client information secure.
Security with flexibility and ease of access
As Better grew, its larger scale brought increased security threats. The company wanted to mature its approach to threat detection and response and use automation to make its Security Operations Center (SOC) team more efficient and effective. “As we scaled up, we couldn’t keep up with all the threats that were coming in,” says Ali Khan, chief information security officer at Better. “We have dozens to hundreds of alerts a day. What do you do? A lot of them were rinse-and-repeat alerts. It’s not something we really needed a human for; you can automate this.”
From a business standpoint, Better also needed to ensure secure online access for customers and employees. In the wake of the COVID-19 pandemic, the company was intent on making a safe and secure transition to remote work for its employees. It had an existing virtual private network (VPN) but wanted a cloud-based solution that would be easier to scale and manage—and more accessible for users to adopt. The need to meet these challenges became more urgent as the pandemic continued.
Securing data was another important priority. As a digital-first homeownership company, Better manages tremendous volumes of confidential, sensitive, and highly valuable information. Customer Personal Identifiable Information (PII) and the company’s intellectual property (IP) had to be secured. Data loss prevention (DLP) from breaches or other incursions was another primary focus.
"As we scaled up, we couldn’t keep up with all the threats that were coming in. A lot of them were rinse-and-repeat alerts. It’s not something we really needed a human for; you can automate this."
Ali Khan
Chief Information Security Officer, Better
Consistent and scalable security over a broad range of data
Better sought to align with its corporate growth and modernization goals by moving to the cloud, making available new service offerings to its customers, and enabling remote access for its employees.
Security solutions needed to meet the company’s technical requirements while also remaining easily adoptable and user-friendly. High-touch support from its technology partner was also an important consideration, so its security teams could resolve any emerging issues quickly and efficiently.
As remote work increased, Better required a cloud-based VPN and endpoint detection and response. Every facet of the technology stack needed to be secure and meet regulatory requirements. Better also wanted cross-functionality for its various security solutions to simplify management of its security landscape. And the solutions it deployed needed to be cost-effective.
The new security solutions had to make collaboration across internal teams easier for engineers and security experts alike. “Traditionally, engineering teams are regarded as very opaque,” Khan notes. “Prisma Access gave us transparency. It wasn’t just a security person telling an engineer, ‘Hey, this is broken, fix it.’ Engineers could go into the platform and understand it on a technical level they could appreciate. That encourages them to move faster to fix issues.”
"Prisma Access allowed us to securely deliver our software solutions internally to our employees anywhere in the world. That was a huge game changer."
Ali Khan
Chief Information Security Officer, Better
Improved efficiency and enhanced security
After positive discussions with Palo Alto Networks' Sales and Technology teams, Better immediately recognized the value of Palo Alto's Next-Generation Firewalls. This led them to confidently embark on their security journey with Palo Alto Networks, deploying the firewalls as the first step.
When Better was looking to replace its VPN, Palo Alto Networks came to mind again. An Executive Briefing Center session helped Better evaluate Prisma Access as a means of providing consistent security to its remote networks and mobile users. Prisma Access offers consolidated best-in-class and cloud-delivered Zero Trust Network Access (ZTNA) 2.0 security with the best user experience on a single unified platform. A proof of concept soon followed.
During this time, the COVID pandemic ramped up. With help from Palo Alto Networks technical experts, Better was able to quickly and confidently pivot to remote work for all of its employees. Together, Better and Palo Alto Networks enabled secure access for Better employees in just five days and eventually scaled up to the entire staff. “Prisma Access allowed us to securely deliver our software solutions internally to our employees anywhere in the world,” Khan says. “That was a huge game changer.”
Next, Better reviewed its internal security systems and recognized an opportunity to update and reinforce its SOC. The company included Palo Alto Networks in its evaluation of products, this time looking at Cortex XDR. Cortex XDR simplifies SecOps with one solution for threat detection and response across all data and endpoints and delivers enterprise-wide protection by analyzing data from any source to stop sophisticated attacks.
As part of its review, Better conducted a four-week evaluation, during which its Red Team crafted custom-made malware to attack Cortex XDR. In every instance, Cortex XDR came out on top, detecting the threat and defending against it.
To streamline its operations and enable greater automation for its SOC, Better also adopted Cortex XSOAR, which enriches data, improves alert triage, and automates repetitive tasks to reduce investigation time from hours to minutes. As threat alerts arrived, Cortex XSOAR allowed for automation of 90 percent of responses. This significant improvement freed up Better’s IT team to focus on more complex, future-facing issues.
In addition to helping its teams scale and focus on what matters most, Better partnered with the Unit 42 Managed Detection and Response (MDR) Service. Unit 42 experts work as an extension of Better’s security team to detect and respond to cyberattacks 24/7.
Most recently, Better looked to shore up security across its cloud environment. As the company has grown over the years, so has its cloud infrastructure. Khan notes, “As we grew, we couldn’t keep up with securing our infrastructure on our own. It was too much manual work, and we had dozens of AWS accounts and hundreds of servers.” Prisma Cloud allowed Better to evaluate its cloud security posture, improve consistency, and reduce the manual burden on security employees. This not only brought time savings but also allowed staff to focus on more strategic activities and reduced friction from collaboration across teams.
“Traditionally, you see a lot of friction between Security and Engineering teams, but Prisma Cloud was very well received by our internal engineers,” Khan says. “It was easy to connect to AWS and didn’t interfere with our development lifecycles. When deploying software or products, our security team can use it, and our engineers have visibility into it. They were also very happy with the interface—it showed them the issues they faced and suggested how to resolve them.”
Along every step of the way, Palo Alto Networks customer support and services staff worked closely with Better to ensure that each product was deployed and adopted easily to fit employee needs. “Palo Alto Networks brought the best and brightest in terms of account management and technical account management,” Khan says. “Regardless of who the specific rep is, we’ve seen a continued culture of excellence.”
"Systems that make people feel excited about their job–that’s the number one priority. And that’s what XSOAR delivered."
Ali Khan
Chief Information Security Officer, Better
Unified platforms meet business and security challenges
Today, Better’s adoption of multiple Palo Alto Networks security platforms has brought greater security at less cost and with less friction for employees. For Khan, there’s significant value in unified security platforms: “A very strong security posture beats having piecemeal products from several different vendors.” Recently, Khan reported on the security initiative to the company’s board of directors.
"“Palo Alto Networks is not just a security vendor,” he told them. “They’re a critical partner of the business. If we don’t have Palo Alto, we don’t have security.”"
Ali Khan
Chief Information Security Officer, Better
Scalable and secure access from anywhere
By transforming to a cloud-based approach with Prisma Access, Better could rapidly shift to remote work while consistently keeping its people, data, and apps secure. Work can now be done anywhere, and it remains safe and secure.
Visibility and control over cloud security
Better gained visibility across its Amazon Web Services (AWS) resources, bringing transparency to its security and engineering teams. Both of those teams were impressed with the simplicity of connecting to AWS and the intuitive user interface of Palo Alto Networks products. Prisma Cloud, for example, functions independently from Better’s preexisting AWS workflows, allaying engineers’ concerns that it would interfere with development lifecycles or software deployment. In the future, the company will extend Prisma Cloud to Microsoft Azure environments, which it’s starting to adopt.
Decreased incident response time
With the combination of Cortex XDR and Cortex XSOAR, Better’s SOC team improved its mean time to respond (MTTR), becoming more efficient in handling threats. SOC staff can now focus on the highest priority alerts and rely on Cortex to automate most of their investigations and responses.
Reduced costs
By investing in a unified Palo Alto Networks security platform, Better benefits from substantially lower costs than its previous multivendor approach. And the company has been able to leverage economies of scale resulting in more favorable pricing.
Unified security and networking
With Palo Alto Networks as its security partner, Better has continuously strengthened its security posture while expanding its product offerings to customers and bringing safe, secure remote work to its employees.
But the journey is never done. As it looks ahead toward emerging technologies and potential security threats, Better continues to deepen its collaboration with Palo Alto Networks, building trust with customers and employees.
Find out more about how the best-in-class solutions from Palo Alto Networks can improve networking and security for your organization. Additional information is here.