Smart Fintech uses Cyscale to gain IAM visibility and ensure cloud security and compliance

Challenges

Difficulty identifying permission drifts

Manual configurations checks, which slow down the development team

A time-consuming compliance process

Results

Enhanced visibility into users’ roles and privileges

Implementation of a misconfigurations alert system for cloud security

Improved compliance through better IAM visibility and control

Problem

The company was looking for a solution to help them achieve compliance and ensure their cloud environment is secure. Identity and access management was a focal point for Smart Fintech, since they identified it as a significant risk area. In addition, they needed an alert system for cloud misconfigurations so that they could leverage the development speed promised by the cloud, without compromising on security.

Cyscale is eliminating the need to ask the team for tedious configuration reports, greatly improving our visibility and helping us understand things we didn’t know.

Alex Cociu, Risk and Compliance Officer at Smart Fintech

Solution

Cyscale provided Smart Fintech with a comprehensive overview of users’ roles and privileges across multiple cloud accounts. Moreover, using the Cyscale platform, Smart Fintech can identify users that have too many privileges. “I approve a user’s level of access, and I can see in Cyscale if he is overprivileged and then work with my team to fix it.”, adds Alex.

Cyscale improves the visibility of cloud identities and pinpoints vulnerabilities or misconfigurations through a powerful Identity Dashboard. The platform detects each person in the organization and provides valuable information regarding MFA, privileges and access, making it easy to detect when permissions drift from the expected setup.

The platform helps me with IAM visibility a lot: I can understand who has access and why. When a person leaves the company, I can detect if their permissions remain hanging. I don’t have to rely on affirmations that access has been removed, I can easily see it and confirm it in Cyscale.

Alex Cociu

Results

The company was able to manage identity and access management effectively, which was one of the focus points when onboarding into Cyscale. As a result, Alex Cociu now confirms that they have the much-needed visibility over users’ permissions.

In addition, after onboarding into Cyscale, the Smart Fintech development team set a goal to achieve zero alerts, which meant ensuring that their cloud environment was always in compliance with their policies. They now know if there are any drifts, and the platform alerts them of deviations from their initial goal.

Moreover, they can adjust the configurations according to acceptable risk by creating exemptions to exclude certain cloud assets.

Conclusion

The platform’s automation capabilities helped the company reduce the time and resources required to manage its cloud environment, which was particularly beneficial for a constrained team with limited resources.

As Smart Fintech continues to grow, Cyscale is prepared to assist them. Besides IAM and visibility, the platform also provides data security and alerts dashboards, over 400 controls that verify the entire cloud environment, a compliance module, and many others. To read more about Cyscale and learn about cloud security, check out the blog.