Babble helps the world’s most trusted staffing company protect over 20 different recruitment brands

Streamlined deployment and enhanced protection results in achieving compliance and simplified management

Introduction

As a global player in the human resources industry, our client operates specialised recruitment and MSP brands in prominent markets spanning the UK, North America, Australia, the Middle East, Asia Pacific, and Europe.

A considerable number of their brands are recognised as top-tier companies and are household names within their respective markets. Catering to the needs of numerous job seekers worldwide, this enterprise oversees multiple recruitment websites, payroll systems, candidate CV databases, cloud based file-sharing applications, publicly accessible mobile apps, and a sophisticated multi-site infrastructure.

 

The Challenge

Adopting a data-centric approach to their operations, our client was keen to protect and secure their portfolio of over 25 websites and 2 data centres. This commitment to security aimed to align with industry best practice and adhere to international data privacy laws.

Additionally, the stringent mandates outlined in the General Data Protection Regulation, including the principles of ‘privacy by design’, ‘breach notification’ and ‘subject access requests’ necessitated the development of a new cybersecurity platform capable of ensuring compliance in these crucial areas.

Looking for enhanced security measures, our client sought to deploy a high-calibre, cloud based anti-DDoS solution, including Web Application Firewall (WAF) to protect their extensive web assets from the growing threat of malicious DDoS attacks and web application attacks. Alongside this, there were also required a penetration testing programme.

 

The Solution

When the project began, the client was in the process of moving their operations to the cloud using Microsoft Azure. Following a successful test phase, Babble embarked on implementing a fully managed Oracle Dyn WAF solution to support the client’s network, which is used by multiple tenants.

The deployment posted challenges due to Azure’s handling of encrypted web sessions and handles local load balancing.  However, the feature rich Dyn Cybersecurity Suite allowed us to enhance protection by implementing geo-load balancing on top of Azure, resulting in a better installation.

With this deployment, the client now has safeguarded 27 different production assets, including websites, APls, portals, and their CRM system, each with customised security policies.

Babble’s cybersecurity solution was rolled out to secure over 50 live and test/development domains and web facing applications. It soon became apparent that the client was experiencing high volumes of malicious bot traffic, which was consuming significant resources across their network.

The platform is now handling a monthly load 60 million requests and transmitting 0.7TB of data. The solution features dynamic caching, which has reduced the strain on origin servers by an impressive 77%, resulting in faster loading times and an enhanced end-user experience – a significant benefit for customers.

The system allows for a centralized approach to fine tuning security rules across all web assets, streamlining estate management. The client now enjoys the flexibility to create tailored rules for each site, a level of customisation that wouldn’t have been achievable with a fixed template approach.

Key Benefits

Cost Effective

The solution provides a feature-rich, next generation, enterprise-grade service, at a market-leading price.

Instant Response Plan

Operated as a managed service with 24/7 SOC support, the client has refined their security operations playbook, enabling them to conduct testing at any time.

Ease of Deployment

The onboarding process encompasses an automated penetration test against web application attacks.

Bot Management

The cybersecurity suite includes a sophisticated bot management facility.

Revealing

The JavaScript Challenge revealed that up to 87% of the traffic being blocked is bot traffic, rather than web application attacks. Of this traffic, more than 50% is malicious bots (content scraping).

File Upload Protection

The platform includes an AV scan for file uploads. This has been deployed extensively across the network to help protect against malware associated with jobs.

““Babble has helped simplify an extremely complex deployment for us.
Now that we are fully operational with the suite, and automated WAF rule policies applied, I find that I rarely need to log into the management console.
As a result of the project, we are now OWASP 2017 compliant, safe in the knowledge that we are protected from API attacks, bot traffic and web app attacks. Babble is always on hand to provide technical assistance when needed””

Enterprise ArchitectClient organisation

Security Improvement Programme

  • Strengthen your security posture with an individual approach designed for your business

Find Out More