TX Group: Eliminating cloud identity risk with Rezonate
Success for Switzerland’s largest international private media company means always staying ahead of the digital curve – and security is no exception. Rezonate makes this possible.
“With Rezonate our DevOps and security teams are now enabled to work hand-in-hand and understand the complete identity story – across our IdP and cloud infrastructure. We reduce manual workload, increase productivity and eventually reduce the time to remediate critical risks.”Andreas Schneider, former Group CISO and Olivier Martinet, current Group CISO for TX Group
The Challenge: Finding and Fixing Identity ‘Blind Spots’ – Fast
Speed is of the essence in the media industry: news happens fast, and it’s imperative to deliver – and secure – it rapidly, as well.
Detecting identity issues and compromises in this complex environment, Schneider says, was like finding the proverbial “needle in a haystack.” He used several different tools to try to uncover every vulnerability, but he knew that he wasn’t seeing the complete exposure map.
But finding and closing the identity and access management gaps seemed nearly impossible. AWS’s own insight tools proved difficult even for the engineers to use. So Schneider sought help – and found it in Rezonate.
“We had blind spots. There were things we didn’t really think about. We check configuration, for example, but do we check privileges? If a vendor says they need access to something, it is a real challenge to continuously validate need and actual usage.”
The Solution: A team approach that really works
Schneider chose Rezonate to handle TX Group’s identity management for a number of reasons:
- Real problem solving. Rezonate sees the extent to which identities use their access privileges so TX Group can revoke access to unused resources and applications – the “least privilege” approach.
“I don’t know of any other technology that does this. Rezonate alone could give us real-time visibility into our cloud accounts as well as guidance for quick response. We now know exactly what’s going on and where, every moment.”
- Rapid response. TX Group can now spot risky accounts and mitigate them with ease using Rezonate, and its security and DevOps teams can work together to resolve the identity and access issues that are so common in the cloud — without slowing or stopping operations.
Rezonate accomplishes this feat via its Identity Storyline™, the brains behind the Rezonate platform. Identity Storyline simplifies complex identity and access problems and provides clear guidance on how to resolve them.
Now, using Rezonate, TX Group can quickly see, in context, each identity’s behaviors in the cloud – past as well as present – and know which might increase its risk of breach, as well as how to best remediate.
Identity Storyline goes beyond static dashboards to answer the dynamic questions that need always-current answers such as
- Where are our blind spots?
- Where have identities changed or deviated from patterns of behavior?
- Where are our active threats?
“Without Rezonate, we would not be able to see these kinds of suspicious activities on all our identity providers and cloud accounts. Before, we were seeing just minor parts of our identity and access risk. We now have the complete picture, and can make decisions with confidence.”
- User-readiness. The Rezonate platform software is up and running and ready to use in minutes.
“Rezonate takes zero trust to the next level. Rezonate is, for me, the one-stop shop security tool for protecting our identities in the correct way – for identifying and remediating threats.”
- A full and complete view of identities, access, and privileges via Rezonate’s Identity Storyline™ – leveling up “zero trust” security for the cloud
- Faster time from risk discovery to risk remediation – from days or weeks to minutes
- Reduced workload for DevOps and security teams as automation handles detection and remediation before risks become threats
- Greater productivity as DevOps works hand-in-hand with security to safely design, create, and deploy
- Optimized access permissions, ensuring a “least privileges” approach
- Proactive, prioritized responses to risk and threats