“It’s been great at identifying blind spots”: Bays Consulting achieves 50% productivity gain with Cyscale

Challenges

Tedious and time-consuming cloud access reviews

Visibility and blind spots in the AWS environment

Technical barrier from vendor security tools for non-cloud experts

Results

50% increased productivity: access review time reduced by half

Enhanced confidence in using the cloud through real-time security monitoring

Cyber hygiene for all the services used in the cloud

Ease of use for all security stakeholders, including non-cloud security experts

Problem

Bays Consulting faced the challenge of manually conducting access reviews for their AWS cloud environments, an essential process for ensuring cloud security and compliance. The task is time-consuming, prone to human error, and laborious. They needed a way to automate this to identify vulnerabilities and blind spots.

Moreover, as they were going through the ISO 27001 compliance process, they needed better visibility into their cloud security posture, to ensure that configurations are aligned with the requirements of the standard.

Exceptionally helpful when doing access reviews; I’m using the platform monthly and it simply automates my work!

James Hawkes,
Head of Delivery at Bays Consulting

Solutions

Cyscale helped Bays Consulting address their challenges and streamlined the access review process: “Exceptionally helpful when doing access reviews; I’m using the platform monthly and it simply automates my work!”, says James Hawkes, Head of Delivery at Bays Consulting. IAM is an essential aspect of cloud security and Cyscale provides the visibility and controls that are required for compliance with ISO 27001.

Furthermore, Cyscale provides contextual, real-time alerts designed to prevent alert fatigue and pinpoint critical vulnerabilities early. The team at Bays appreciates that they are integrated with notification channels such as Slack, aligning perfectly with their working practices. The alerts allow them to give more freedom to members of the team, since misconfigurations are immediately highlighted.

Using alerts, Bays Consulting has gained valuable insights into its infrastructure. “Alerts in Slack are a great help, I can see instantly what others are doing, and it's easy to understand what needs to be secured." James has also found the cloud asset graph practical for identifying misconfigurations: “I love it, it’s really useful when troubleshooting issues such as access configuration or networking”.

Cyscale helped Bays with compliance efforts as well, highlighting issues that they might have otherwise missed. Utilizing security controls mapped directly to the ISO 27001 standard, they were able to track the compliance score and get ready for the audit with minimal effort.

Alerts in Slack are a great help, I can see instantly what others are doing, and it's easy to understand what needs to be secured.

James Hawkes, Head of Delivery at Bays Consulting

Results

Bays Consulting has doubled its productivity: "Cyscale saves us 50% of the time spent doing access reviews". In addition, using Cyscale’s cloud security platform, Bays Consulting can ensure that IAM is a strong point in their infrastructure and that sensitive data is protected from unwanted access.

With the help of automated cloud misconfiguration checks and real-time alerts delivered on the preferred communication channel, James Hawkes has managed to remove manual work, become more efficient and make significant time savings across the team.

Bays Consulting can now easily monitor their compliance score, get notified when deviations occur and ensure they have all the relevant information readily available for their future ISO 27001 audits.

Conclusion

Cyscale streamlined access reviews, improved security posture, and empowered Bays Consulting to address cloud security challenges efficiently, ultimately boosting productivity and achieving peace of mind. To read more about Cyscale and learn about cloud security, check out the blog.