Case Study

Lemonade Moves Up from VPN to Banyan Zero Trust Access Solution

“Providing developers with the Service Tunnel was a big win. Developers were in disbelief by how easy it was to connect. Before Banyan, they would hit 'connect' in their VPN client, deal with a push notification, and then stare at a spinning circle, tapping their fingers... waiting. Now, they click one button and they are connected instantly. They still can't believe it's so simple, and yet more secure.”
Eyal Gershon Sr. Cloud Security Engineer, Lemonade, Inc.

Lemonade: An Industry-leading Insurance Company

Lemonade Inc. offers renters’, homeowners’, auto, pet, and term life insurance in the United States, as well as contents and liability policies in Germany and the Netherlands and renters’ insurance in France. This New York City-based insurance company has received the highest end user reviews, with 4.9/5 stars in the App store, and has been named as a top-rated insurance company by SuperMoney, Clearsurance, and other insurance rating services.

IT and Business Challenges

Jonathan Jaffe is the CISO at Lemonade Inc. He is responsible for the security of all IT infrastructure, services, and company data. “Our security team is relatively small,” said Jaffe. “We are growing rapidly as a company and introducing additional services, so we’re now hiring additional headcount for our security team to support the new demands.”

Lemonade was relying on a virtual private network (VPN) for secure remote access before it moved to Banyan. “VPNs were great in the late 80s, and they have been ‘just okay’ since then,” said Jaffe. “We needed something that was much more sophisticated than a VPN – a connectivity solution that would enable our end users to safely and easily connect to our services. We also wanted a solution that would allow us to onboard users with the right level of privileges, and as their roles and responsibilities change, easily adjust their privileges to maintain a state of least-privileged access.”

The Banyan Security Zero Trust Network Access Solution

Jaffe was already familiar with Banyan when he joined Lemonade, having used Banyan’s zero trust network access (ZTNA) solution at his previous company. “We did look at other remote access companies, including a number of startups located near our office here in Israel,” he admitted. “I also looked a bit halfheartedly at the ‘bigger’ companies, but I typically don’t enjoy working with them. Larger enterprises are usually not responsive, their prices are higher than they should be, and if you need a new feature or support, you’re not guaranteed they’re going to be there unless you pay a really inflated enterprise support price. We were looking for a company that would be responsive to our needs, where we could develop a mature relationship between a buyer and a seller – not one where we are taken for granted. That’s why we chose Banyan.”

Deploying Banyan

Lemonade started using the Banyan Security Zero Trust Remote Access product early in 2021. Banyan provides a secure way for employees, developers, and third parties to work from anywhere, accessing corporate data without relying on network-centric solutions like VPNs. Banyan’s Zero Trust offering leverages user and device trust scoring with continuous authorization to ensure robust protection, while providing seamless and productive access to hybrid- and multi-cloud apps, hosts, and servers.

“The Banyan deployment was straightforward,” said Jaffe. “Our end points are predominantly Macs, with a small handful of Windows devices. Some of our employees use Androids and iPhones. We haven’t rolled out Banyan to those devices yet, but we will likely do that soon. We’re careful to make sure the end user experiences are really good, so we’re deploying the solution one step at a time. We’ve already rolled Banyan out to about a third of the company, and we expect to be completely rolled out by the end of this year.”

Riding the Banyan Train

“Connecting through a VPN is like being on a train,” described Jaffe. “You buy a ticket at your embarkation point, and the train ends at a walled city. You know you’re safe all the way there, but once you disembark from the train and go into the city, you can roam anywhere without restrictions. You may not know where you’re supposed to go and where you’re not supposed to go, since you have access to everything. In contrast, Banyan is like a train where you buy a ticket to a very specific destination, not just an open-ended ticket into the center of a walled city. You can’t get off anywhere else on the way, you can only go to that exact location. And then when you leave your destination, you get back on to the train, but you don’t get to meander around the city and explore new areas.”

“I’m a huge fan of Banyan, and I have already recommended the solution to several of my peers. In my opinion, Banyan is delivering the best Zero Trust Access solution in the market today.”

Jonathan Jaffe, CISO, Lemonade, Inc.

Customer Outcome

Increased Security

When asked about the biggest benefit of moving to Banyan, Jaffe replied, “The increased security we get with Banyan is tremendous. Compared to our VPN, it’s night and day. Our systems are much more secure with Banyan.”

Higher Availability

“The availability with Banyan is significantly better than with the VPN because we can deploy as many instances behind load balancers as we want,” explained Jaffe. “We plan on doing geo load balancing in the next few months. Banyan offers us availability and security in a way that we just didn’t have with a standard VPN. Obviously, we could have gone with a more robust VPN solution, but a VPN is just not the best technology for us anymore.”

Insurance Provider

Higher Availability

  • Existing VPN remote access solution lacked security and easy scalability
  • Remote employees had to perform cumbersome steps to access their services
  • Many administrative tasks had to be performed by hand, introducing the possibility of risk into the environment

Banyan Zero Trust Remote Access

Customer Benefits

  • Improved system security
  • Reduced the number of steps for employees to access services from six to one, improving employee productivity and end user satisfaction
  • Simplified remote access management Eliminated manual, error-prone processes
  • Enabled easy scalability as the company grows and adds more users