Case Studies


Oregon Credit Union Secures Vital ATM Network, Invests in Customer Experience

Security and simplicity saved the day for one sizable Oregon credit union frustrated by an expensive, unreliable and unwieldy architecture for its mission-critical ATM network. Change was mandatory to sustain its member-first objective and to attract tech-savvy and time-conscious customers looking for convenience and superior service.

From VPN to VPNot

To stay competitive and offer the flexibility member-owners expect, the Oregon credit union — which holds more than $1B in assets — needed to update the way it maintained and secured 20 ATMs spread across its service region. Initially, it had relied on a Virtual Private Network (VPN) architecture, but this presented significant challenges for maintaining uptime and security at these key endpoints.

The old VPN technology hindered the small and exceptionally busy IT team. Each VPN tunnel required time-consuming manual configuration. Further, the tunnel would collapse after inactivity from the ATMs, setting off an alert and an interruptive firewall reboot process.

The VPN devices also presented a security challenge because every ATM location represented a network vulnerability. Theoretically, an unauthorized individual could gain physical access to the firewall at any of the locations, control it, and worm his or her way into the data center.

Finally, the cost of annual maintenance agreements, even for the smaller appliances, was prohibitive.

A simple, secure and cost-effective VPN replacement

Structured knew a better way and recommended a simple, secure and cost-effective alternative to the VPN infrastructure – HIPswitches from Tempered Networks.

Tempered Networks, with its revolutionary utilization of Identity-Defined Networking (IDN) and the Host Identity Protocol (HIP), specializes in securing any machine or endpoint – such as an ATM – across physical, virtual, or cloud environments without disrupting the existing architecture.

HIPswitches act like cloaking devices by creating a virtual overlay network, complete with micro-segmentation, machine authentication, and end-to-end encryption. Instead of relying on insecure and spoofable IP addresses, HIPswitches use location-independent cryptographic identities built on 2048-bit RSA public keys.  This provides native security with mobility in mind.

As a bonus, HIPswitches are relatively easy to deploy and manage despite their makeup of very sophisticated security protocols. Implementation software presents a drag-and-drop interface, simplifying the creation of connections between devices and device groups.

Because this technology was unfamiliar to the credit union, Structured established a month-long POC – complete with training – so that the team became comfortable in the new environment. At the month’s end, devices transitioned from POC right into production.

Results: Better Business, Stronger Security

Adding future ATM locations will be a breeze for IT because HIPswitches are configurable when constructed and easily incorporated into existing architectures. This makes the prospect of adding ATMs to support customer demand even more attractive. For heavily regulated entities like credit unions, extra security also brings peace of mind – both for the executive leadership who must answer to regulators and member-owners who want their financial data protected.

Ultimately, incorporating HIPswitches into the ATM network made sense on two important fronts: it enabled business growth and strengthened security. The credit union made a wise investment decision that will yield high dividends for a long time to come.