Universal secure access and offboarding
Texas Baptists’ rapid transformation created additional security challenges for safe access to SaaS applications outside the direct control and management of the IT or security team. Each year, Texas Baptists have cohorts of users changing roles, responsibilities, and even leaving the organization just in time for another round of ministers and ministry teams to join.
“We improved security efficiency and protection well beyond the reach of other tools. Grip was built for the way SaaS is consumed across our users, focusing on visibility and identity risks for all SaaS classes and types, especially those self-provisioned by users. Now, discovering and mitigating SaaS exposures, along with removing the cost of redundant apps has made us more secure and better stewards of our IT resources.”
Dave Lyons, Director of IT and Security
The continuous fluctuation of users was matched only by the sheer number of SaaS applications, tallying up to an average of 62 new apps per year.
At the same time, Texas Baptists was expanding the reach of its ministries and ministers to nearly encompass the globe, leading to an exponential diversity of SaaS services within each individualized ministry need. The only constant factor was identity.
Texas Baptists chose Grip for its identity-based SaaS discovery to reveal user-SaaS relationships and to automate actions, such as offboarding to mitigate risk. Additionally, Grip’s SaaS security innovation enabled the security team to pinpoint identities whenever and wherever SaaS was used — identifying key areas of opportunity to remove redundancy, reclaim licenses, and consolidate redundancies as they emerged.
Finally, Texas Baptists leveraged Grip’s automated offboarding enabled to remove the risk of unauthorized access to SaaS (such as dangling access for former users) and helped the security team get more done and effectively integrate new identities and initiatives.
Texas Baptists spend 80% less time mitigating SaaS identity risk
SaaS visibility and risk response
For Texas Baptists, visibility (for SaaS and identities) is critical. Grip gives the security team on-demand insights into SaaS use, misuse, and abuse by continuously discovering SaaS as it is consumed by Texas Baptists’ users, regardless of network status, device, or location — all without proxies or agents.
Cyber-attacks and SaaS breaches have been well-documented in recent reports from the 0ktapus threat campaign of 2022 to the phishing, smishing, and vishing schemes that impacted Twilio, Plex, Dropbox, Signal, Uber, and Digital Ocean, among others.
When SaaS providers are compromised or abandoned SaaS contains zombie accounts, Texas Baptists can instantly see if and where identities are exposed to a compromised SaaS service, without sitting back to wait for “an event”.
Grip gave the security team relevant, actionable insights for risks that mattered and prioritizing mitigations for each SaaS app’s inherent risk and access controls for each user of the SaaS service.
“What surprised us was just how much our SaaS and identity landscape changed day-to-day, week-to-week. In the first week of deployment, we eliminated years of identity risk, including offboarding targeted users and apps in just a few clicks. Then, we just kept piling up victories for safer SaaS by leveraging Grip regularly. Grip sees it all as it happens, so we’re never in the dark about which SaaS apps are being used, who’s using it and what protections are in place for secure access. Then, Grip secures those identities whenever SaaS is used.”
Dave Lyons, Director of IT and Security
Conclusion
Identities are the top target for cybercriminals and attackers, including more than 25 million brute force attacks every day, worldwide.
Texas Baptists gained visibility to their identity and SaaS sprawl by utilizing Grip’s panoramic view of user-SaaS relationships — without proxies, agents, or user disruptions.
Texas Baptists removed risk (and cost) from hidden and redundant SaaS services by easily classifying and assessing risk with automated workflows for justification, audit, and access review.
The security team can now scale safeguards to all SaaS whenever and wherever it is used — along with shaving license cost from better awareness of SaaS and the identities consuming it — anywhere, everywhere, and on-demand.
Download PDF