“We improved security well beyond the reach of other tools. Grip was built for the way SaaS is consumed across our users, and it provides us visibility the SaaS self-provisioned by users. Now, discovering and mitigating SaaS exposures, along with removing the cost of redundant apps has made us more secure and better stewards of our IT resources.”
Dave Lyons, Director of IT and Security
Universal secure access and offboarding
Texas Baptists’ rapid transformation created additional security challenges for safe access to SaaS applications outside the direct control and management of the IT or security team. Each year, Texas Baptists have cohorts of users changing roles, responsibilities, and even leaving the organization just in time for another round of ministers and ministry teams to join.
The continuous fluctuation of users was matched only by the sheer number of SaaS applications, tallying up to an average of 62 new apps per year. At the same time, Texas Baptists were expanding the reach of its ministries and ministers to nearly encompass the globe, leading to an exponential diversity of SaaS services within each individualized ministry need.
The only constant factor was identity. Texas Baptists chose Grip for its identity-based SaaS discovery to reveal user-SaaS relationships and automate actions, such as offboarding, to sever risk relationships.
Additionally, Grip’s SaaS security innovation enabled the security team to pinpoint identities whenever and wherever SaaS was used — identifying key areas of opportunity to remove redundancy, reclaim licenses, and consolidate redundancies as they emerged.
Finally, Texas Baptists leveraged Grip’s automated offboarding enabled to remove the risk of unauthorized access to SaaS (such as dangling access for former users) and helped the security team get more done and effectively integrate new identities and initiatives.
“What surprised us was just how much our SaaS and identity landscape changed day-to-day, week-to-week. In the first week of deployment, we eliminated years of identity risk we did not know about. Grip sees it all as it happens, so we’re never in the dark about which SaaS apps are being used, who’s using them and what protections are in place for secure access. ”
Dave Lyons, Director of IT and Security
SaaS visibility and risk response
For Texas Baptists, visibility (for SaaS and identities) is critical. Grip gives the security team on-demand insights into SaaS use, misuse, and abuse by continuously discovering SaaS as it is consumed by Texas Baptists’ users, regardless of network status, device, or location —all without proxies or agents.
Cyber-attacks and SaaS breaches have been well-documented in recent reports from the 0ktapus threat campaign of 2022 to the phishing, smishing, and vishing schemes that impacted Twilio, Plex, Dropbox, Signal, Uber, and Digital Ocean, among others.
When SaaS providers are compromised or abandoned SaaS contains zombie accounts, Texas Baptists can instantly see if and where identities are exposed to a compromised SaaS service, without sitting back to wait for “an event”.
Grip gave the security team relevant, actionable insights for risks that mattered and prioritizing mitigations for each SaaS app’s inherent risk and access controls for each user of the SaaS service.
Conclusion
Identities are the top target for cybercriminals and attackers, including more than 25 million brute force attacks every day, worldwide.
Texas Baptists identity and SaaS sprawl by utilizing Grip’s panoramic view of user-SaaS relationships —without proxies, agents, or user disruptions.
Texas Baptists removed risk (and cost) from hidden and redundant SaaS services, easily classified and assessed with automated workflows for justification, audit, and access review.
The security team can now scale safeguards to all SaaS whenever and wherever it is used —along with shaving license cost from better awareness of SaaS and the identities consuming it —anywhere, everywhere, and on-demand.
Download PDF