ABOUT
Industry:
Software-as-a-Service, Collaboration Platform
Size:
230+ employees
Private
Team:
Mark Willis, CISO
ABOUT BLUESCAPE
Bluescape empowers teams to work together remotely on a single platform, providing a collaborative experience designed around visual content. Bluescape’s virtual project workspace supports images, whiteboard, search functionalities, and the ability to work with any device from any location. This distributed approach sets teams up for success in today’s era of hybrid workplaces and work-from-anywhere to maximize seamless operations and productivity.
<span data-metadata=""><span data-buffer="">The Challenge
Bluescape is the most secure and flexible visual collaboration platform in the world and their top priority is protecting customer data. Mark Willis, Bluescape Chief Information Security Officer (CISO) and his security team have had to deal with the challenges of securing their customers’ sensitive information at cloud scale and realized that their existing data security tools could not deal with the complexity and scale of data in a modern organization like Bluescape. They were worried that their data security program was too focused on compliance and detecting data loss, and not enough on restricting access to the data in the first place. Bluescape wanted simple answers about where their data was, who had access to it, and how the data was being used, so that they could act before it was too late.
<span data-metadata=""><span data-buffer="">The Goal<span data-metadata="">
Mark and his team wanted to find a solution that increased their visibility down to the most fine-grained elements of data that they could control access to. The team knew that due to the size, complexity and constant change within their organization, there would be a lot of dormant identities with access to sensitive data that was no longer needed or worse didn’t have MFA enabled. The team was looking for a way to reduce this data attack surface quickly.
Like other security teams, they wanted to explore ways to view and analyze abnormal data access behaviors, and scan for and detect redundant, obsolete and trivial data. They were specifically interested in the existence of any sensitive data in logs across their AWS cloud environment.
The team sought a solution that would deploy easily into their existing architecture and could deliver valuable and actionable insights within days, while giving Bluescape the ability to maintain control over their data and self-manage access to the solution.
When an opportunity first arose in 2020 to deploy DataGuard, the team saw potential in the solution’s capabilities to resolve their problems and help prevent future data breaches.
<span data-metadata=""><span data-buffer="">The Choice<span data-metadata="">
Bluescape chose Symmetry Systems to protect their user data and sensitive information as they were intrigued by Symmetry’s unique approach to solving data security problems. Mark and his team recognized that Symmetry’s approach to data protection with Symmetry DataGuard was different from the other solutions they had evaluated.
By focusing on the intersection between data and identities and establishing a sufficiently precise and fine-grained view of all of the data and its use, DataGuard presented a unique insight into addressing data protection at scale. Bluescape was also intrigued by the visibility that DataGuard provided on what was happening with the data, with the ability to easily build deterministic and anomaly-based detection capabilities. The team found Symmetry DataGuard’s Graph Neural Network technology and deep learning capabilities attractive, recognizing how this could help leverage distinctive characteristics and interconnections within the graph to automatically deduce statistics related to identities and datastores.
Mark was also impressed with the deep, technical knowledge the Symmetry team had across the various data stores, data pipelines, and cloud environments, demonstrated during the initial deployment within a new environment.
The Outcomes<span data-metadata="">
Bluescape has been able to lean on DataGuard for deeper visibility and continuous monitoring of data with their platform, including data access, which they’d lacked before. They have also utilized DataGuard’s machine learning capabilities to review their log files and data access activities, taking care of the easy but time-intensive compliance tasks and freeing up team members to focus efforts elsewhere.The team now monitors and prioritizes a variety of performance metrics including number of inactive/outdated accounts, and suspicious activity/account creation in production on a regular basis to stay ahead of potential threats.
The value and trust from having Symmetry DataGuard deployed was most evident, when Bluescape identified a vulnerability in the Bluescape production environment that could have resulted in unauthorized access to customer data. Bluescape prioritized remediation of the vulnerability to minimize any potential impact to customers, but also utilized DataGuard to examine the production environment and make sure that nothing unusual had happened because of the vulnerability. DataGuard could quickly show that there were no new accounts created, no anomalous access requests or behavior, and no unauthorized actions in Bluescape’s logs, providing the peace of mind the team needed to confidently assert that no users had been affected.
As a result of deploying Symmetry DataGuard, Bluescape has been able to achieve a stronger data security posture – reducing their data attack surface and the potential blast radius, along with increased visibility into data activity. Mark notes that while Bluescape currently has a smaller team, they are impressed with what the partnership Symmetry provides and what Symmetry DataGuard has enabled them to do thus far. He expects that as their team grows and as the Bluescape platform evolves, they will be able to do even more together.
“Symmetry gave us the peace of mind that if something happened and a vulnerability was discovered or a user was compromised, we’d be alerted and able to confirm whether anything happened to the data, and trace it back to where it originated.”
Mark Willis, CISO
About Symmetry Systems
Symmetry Systems is the industry’s first hybrid cloud data security platform that safeguards data in AWS, GCP, Azure services, and on-premise databases while supporting a data-centric zero trust model. With Symmetry, security and compliance teams can address threats quickly through AI-driven data security posture management (DSPM). Symmetry provides visibility into data risks from excessive permissions and anomalous data flows while giving organizations the evidence required to demonstrate compliance best practices.
