Global Streaming Service Chose Grip for SaaS Identity Risk Management

Like many modern enterprises, the employees of this company use SaaS heavily. But entertainment studios face a unique challenge because teams scale up and down based on production schedules, and access needs are sporadic. Though everyone is working off the same script, the work is very decentralized with teams using the tools of their choice to get the job done. The industry also tends to use a high number of contractors, and their access needs also vary depending on the team and work they are doing.

The sprawling production supply chain creates identity risk because each person uses dozens of different SaaS apps, and they may also be members of multiple production teams. The SaaS-Identity risk landscape is continuously in flux, with people joining, leaving, or changing teams constantly. The company supports the use of SaaS for its productivity and cost benefits, however, monitoring all the SaaS being used and controlling the access was extremely difficult.

The team was manually searching multiple systems and tracking the SaaS usage manually.  Multiple teams were involved, and the workload had unpredictable spikes because it was driven by production schedules.

Every time there was a production project starting, people were dedicated to do the initial discovery and track the SaaS usage throughout the project. The data was collected in spreadsheets, and the team struggled to keep it up to date and accurate.Every time there was a production project starting, people were dedicated to do the initial discovery and track the SaaS usage throughout the project. The data was collected in spreadsheets, and the team struggled to keep it up to date and accurate.

These were the natural outcomes of providing agility and user choice when it comes to SaaS tools and cloud apps for the company. However, the growing complexity inherent in their business-led IT strategy demonstrated how the company needed a solution to effectively monitor, secure, and manage their SaaS-Identity risk landscape.

The team had a very manual process, and it was a challenge to keep up with the constantly changing SaaS identity risk landscape. The Grip SSSCP provided out of the box automation that included workflows such as SaaS use justification, risk analysis, and user offboarding for the unfederated apps that production employees and contractors were using.

By leveraging the automation of the Grip SSCP, the workload was reduced by over 80%. After a project is over, the security team was able to clean up SaaS access by easily identifying every SaaS account the production team was using leverage an automated workflow to secure each one of the accounts, which could run into the hundreds.

The Grip SSCP provided visibility to all the SaaS being used regardless of who sourced it. Every time a production employee initiates a SaaS account, the Grip SSCP discovers it and provides a risk assessment of the app. If needed, the system can also initiate a user survey to gather additional risk-related information. If an app is too risky or an alternative app is already available, the user is prompted to stop using it or move to an alternative app.

By centrally monitoring the apps being used and gathering the usage justification, the security teams can keep track of all the users and apps and only get involved when there is a security risk that needs to be addressed. The production teams can move quickly and get the job done without having to think about what apps they use or waiting for approvals.