One of the fastest growing security companies in the world, raising over $280 million in venture funding and touting more than 500 employees within three years of its founding. As a pioneer and leader in cloud-native email security, securing identities in SaaS environments was more than a security project — it was at the heart of their mission. The company leverages AI-based behavioral data science to precise detection and protection against the widest range of attacks including business email compromise, phishing, malware, ransomware, social engineering, spam and graymail. And while successful as one of the fastest growing email security vendors, their ability to mitigate SaaS was a challenge only Grip could solve.
“Grip enables our security team to mitigate the risk of SaaS sprawl and secure every SaaS app with universal access control. With Grip, we can safeguard sensitive data with instant, secure offboarding for any user or any SaaS app.”
Chief Cloud Security Architect
Zero-touch SaaS discovery
Our customer’s expansive SaaS attack surface was driven by business-led IT and modern work — characterized by business groups identifying, sourcing, supporting, and securing their own technologies, especially SaaS applications.
While business-led SaaS was a primary factor of their sustained growth and innovation, it came with new security risks and challenges The security team’s continuously expanding scope of concern was out of balance with their ability to apply direct control — leading to identity sprawl, credential exposure, and overly permissive access across the enterprise SaaS layer, numbering more than 90applications per user, with more than half accessed via duplicate passwords.
Grip’s easy, zero-touch deployment enabled the security team to identify each SaaS services throughout their SaaS estate, core-IT and business-led, production and security SaaS, and associated identities With clear line-of-sight to 900+ SaaS apps, the company could begin prioritizing major SaaS risks to mitigate.
Pinpoint SaaS risks that matter
The company is world-renown for its innovations in email security and business risk Naturally, the organization has a mature and sophisticated way to mitigate risks However, nonstop churn among SaaS apps and users prevented the securityWhy a leading email security provider chose Grip, not CASB security team from identifying real-world risks with newly observed SaaS services that disappear nearly as fast as it is detected. Grip’s SaaS risk indexing helped the security team prioritize risks relevant to their real-world SaaS estate and activity between their users and SaaS services.
With Grip’s multi-faceted, residual risk metrics, the security team was able to prioritize what mattered most to their unique SaaS estate. Unlike other solutions they had considered, like cloud access security brokers (CASB), only Grip identified risks relevant to business-led SaaS context to spot use, misuse, and abuse for any app, not just those sanctioned in CASB.
Universal secure access and offboarding
The company’s rapid growth created additional security challenges for safe access to SaaS applications outside the direct control and management of IT or security teams. These conditions made it virtually impossible to have secure access controls (i.e., behind SSO) for every app and user across the organization — leading to an exponential increase in the threat of dangling access, credential theft, fraud, and chain reaction SaaS-to-SaaS compromise.
The security team and threat analysts leveraged Grip’s historical reach to identify dangling access and zombie accounts, along with overly permissive access for existing users.
With Grip’s present and historic visibility, the security team was able to instantly revoke access and automate future offboarding checks via Grip’s orchestration — all prioritized based on SaaS accessibility and scope of impact to threat, effectively making credentials un-phishable.
These were ‘quick wins’ for their security team, as it demonstrated the agility and responsiveness without seizing control of business-led SaaS apps. The security team built on these initial successes by applying Grip’s universal safeguards to protect access without the costly burden of SSO tax (license increases for SSO-enabled SaaS applications, typically reserved in higher tiered license options by SaaS providers).
Business leaders, groups, and the customer’s security team all benefited from easy, secure identity protection like strong authentication, credential vaulting, and one-click secure sign on.
Conclusion
The challenge for today’s enterprise is to unify SaaS security—core-IT and business-led IT—to make SaaS safe for every one, anywhere, and on-demand. Often, SaaS security consists of blending capabilities from a patchwork of technologies ill-suited to business-led IT strategies.
That is why customers choose Grip — identity-centric, easy to deploy, rapid time to value, universal SaaS security, zero disruptions.
For this award-winning email security provider, early wins turned into standard practice to identify SaaS risk, mitigate business-led SaaS threats, and corral the global SaaS estate with automated detection and intelligent workflows.
Download PDF