We utilize artificial intelligence for site translations, and while we strive for accuracy, they may not always be 100% precise. Your understanding is appreciated.
Home/
Blog
/
Visana Scales File Upload Security for Clients…
Insurance | Customer Stories
Visana Scales File Upload Security for Clients Without Operational Overhead
With OPSWAT MetaDefender Cloud™ and the ICAP Cloud integration, Visana strengthened file security, accelerated scalability, and reduced operational overhead while maintaining compliance.
By Oana Predoiu
Share this Post
About the Company: Visana Services AG is the service organization behind the Visana Group, one of Switzerland’s largest health and accident insurers. Headquartered in Bern, the company supports approximately 850,000 individuals and 16,500 corporate customers, employs around 1,400 people, and manages an annual premium volume of nearly CHF 4 billion. With operations spanning roughly 50 locations across Switzerland, Visana is responsible for safeguarding large volumes of sensitive healthcare and personal data.
What's the Story? By deploying MetaDefender Cloud and its ICAP Integration into its internal Airlock Gateway, Visana achieved seamless and scalable file upload security and ensured reliable protection against malware.
Since 2023, cyber risks in insurance have officially ranked[1] as an immediate threat to insurers worldwide, ahead of regulatory change, climate exposure, and talent constraints.
Recent attacks show how far such threats can reach, such as the mid-2025 attack[2] on U.S. life insurer Allianz Life, where hackers stole PII data belonging to the majority of its approximately 1.4 million customers.
Imagine the scale; years of customer acquisition and relationship building, all compromised in a single incident. Cyber attacks in insurance happen in environments where cybersecurity isn’t viewed as a strategic business concern.
But some insurance companies understand the risk and take proactive mitigating steps, setting the bar in the industry. Visana Group is one such example.
Based in Bern, Visana Group is a long-established Swiss insurer, active since 1996 and serving more[3] than 840,000 privately insured individuals and over 16,500 companies. For its private customers, Visana holds datasets capable of forming complete digital profiles, including medical history, financial records, banking details, and lifestyle data. Corporate clients are not exempt from risks.
Claim histories, contractual terms, and internal risk assessments can be combined into actionable intelligence.
In the wrong hands, such info powers targeted ransomware campaigns designed to maximize financial gains for the attacker. One of Visana’s more immediate exposure points lies in the file upload process.
A common (but often underestimated) attack vector, file uploads can carry hidden malicious content capable of executing code, establishing persistence, or triggering lateral movement once opened or processed. The risk becomes more urgent when documents are exchanged in high volumes and under time pressure, which was Visana’s case.
While they were already using OPSWAT on-prem scanning solution (ICAP On-Prem via the MetaDefender Core™ platform), Visana wanted a more flexible, scalable solution.
The MetaDefender Cloud platform was precisely what they needed. Client uploads are still scanned with Metascan™ Multiscanning technology, while the ICAP Cloud approach eliminates hardware maintenance and software update concerns for fast deployment and effortless scalability.
Here’s how the process unfolded.
High-Risk File Flows, Rising Overhead, and Non-Negotiable Compliance
If left unchecked, a legitimate business process like client uploads could become a malware delivery mechanism. To mitigate the risk, Visana included file scanning in their upload process, to avoid introducing malware into their systems. As a business which constantly expands its database, they needed a way to scale at speed.
However, scaling on-prem infrastructure is often slow and expensive. Visana’s best-case scenario was a solution like OPSWAT, where we handle scalability and take on the overhead that comes with it.
All had to happen under the larger umbrella of compliance. Keeping up with industry regulations slowed down operations.
"We needed to secure every upload without slowing down operations or taking on the complexity of scaling on-premises infrastructure. While compliance was essential, it was also creating friction."
Stefan Brotschi
IAM (Identity & Access Management) Engineer
However, compliance is always non-negotiable.
Thus, Visana needed more than an average security solution. They needed a partner which secured file uploads through technologies that are:
Powerful
Hassle-free
Scalable
Compliant
Multi-Engine, Cloud-Scale Security for Visana's Insurance Workflows
The company transitioned from using MetaDefender Core with an ICAP Server deployed on-premises to MetaDefender Cloud.
By routing file upload traffic from its Airlock Gateway directly to MetaDefender ICAP Cloud, Visana removed the need to operate and maintain its own malware scanning infrastructure.
MetaDefender Cloud provides the advanced file security Visana needed, while ICAP Cloud’s near-universal compatibility ensures a seamless implementation. Out of MetaDefender Cloud’s technologies, one in particular was of great use for Visana.
Metascan™ Multiscanning
The scanning technology inside MetaDefender Cloud, Metascan Multiscanning uses 20+ engines for file scans, combining signatures, heuristic, and machine learning to achieve a +99% detection rate.
ICAP Cloud
Designed for effortless integration with ICAP-enabled devices, MetaDefender ICAP Cloud provides a flexible approach to network, data, and application security. It offers a scalable alternative to on-premises infrastructure and lowers overall operational costs.
In less than one year, Visana:
Deployed MetaDefender Cloud to scan all file types, including JSON payloads and complex documents.
Took full advantage of the multiscanning technology, which uses 20+ anti-malware engines, ensuring file uploads are clean.
Leveraged their existing Airlock Gateway in the integration process, directing file uploads to MetaDefender ICAP Cloud for advanced malware scanning.
Simplified compliance; MetaDefender Cloud privately processes files in temporary storage, sensitive files are not stored on OPSWAT servers, keeping Visana compliant.
“ One thing that really stood out about MetaDefender Cloud was its ability to provide vulnerability data in JSON payloads, which made it much easier for us to handle everything in one place.”
Stefan Brotschi
IAM (Identity & Access Management) Engineer
Enhanced Scalability, Streamlined Secure File Handling, and Strengthened Compliance
The shift to a cloud-based model delivered hassle-free management, improved scalability, and consistent performance. At the same time, Visana ensured that sensitive client data remained private and fully compliant with regulatory requirements.
BEFORE
AFTER
Client file uploads insufficiently secured
Files scanned with 20+ AV engines
High operational overhead
Overhead absorbed by OPSWAT
Slow and costly scaling options
Virtually unlimited scaling capabilities
Bottlenecked processes behind privacy
Higher, compliance-ready threat coverage
“ MetaDefender Cloud gave us the flexibility to scale, stay compliant, and keep file security strong without adding operational overhead, all while running in the European cloud”
Stefan Brotschi
IAM (Identity & Access Management) Engineer
Staying Ahead of Threats with Advanced Threat Prevention
The threat landscape for insurers shows no sign of slowing down. Left unchecked, every file, workflow, or operations can become an attack vector. Visana made a different choice.
They acted before the threat became a reality, embedding prevention into their workflows. Their approach proves that advanced security doesn’t warrant a complete system overhaul, outstanding costs, or scarified efficiency or compliance. By doing so, Visana became a model for proactive cybersecurity in the insurance industry.
If you are ready to move beyond reaction and take control of your security stance, get in touch and see how OPSWAT’s solutions can protect your systems, your data, and your customers.
