Sisense Reduces Application Risk at Scale with DoControl

About Sisense

Sisense seeks to drive meaningful change in the world by making it easy for businesses to infuse analytics everywhere. Sisense goes beyond the dashboard by providing an AI-driven platform that any company can use to drive better, faster decisions, for their business and their customers.

Sisense Reduces Application Risk at Scale with DoControl

As the Head of Global IT for a high-growth technology company, our organization has embraced the speed and flexibility that comes with adopting SaaS applications to help drive our business. The challenge for the IT team that has come with that rapid adoption was getting visibility into all these disparate systems where critical data assets now reside. To make things even more complicated, during the course of business our employees share access to data with hundreds of external collaborators and vendors. The business relationships with all these contractors and vendors is constantly changing, so it’s impossible to keep up with which vendors should or shouldn’t still have access. It’s a problem that just keeps increasing in scale as we add more employees, more SaaS applications, and even more external collaborators to help us to continue growing the business.

The other side of that is we also have employees leave the company and relationships with vendors end, so that is a continually on-going effort to remediate access that is no longer applicable. We also have to worry about the employees who are leaving, whether they are taking valuable data with them that could negatively impact us in the future.

Without a centralized tool that could aggregate data assets from across all these different sources, the team had to manually review and remediate all this access through time-consuming, manual projects across multiple applications.

Foundational SaaS Application Data Access Controls

DoControl gave Sisense a solid foundation to start in terms of understanding all the SaaS applications, users, collaborators, and data assets through it’s SaaS asset management capabilities. DoControl was able to consolidate the data scattered across multiple disparate SaaS applications, as well as compile an accurate inventory that provided complete visibility allowing for more effective data access security policies.

“With DoControl in place, we are now able to enforce consistent data access control policies over the applications that are the cornerstone for our business to be successful. ”

Effi Mor, Head of Global IT, Sisense

Utilizing DoControl’s automated security workflows was Sisense’s next step in building out a robust security plan for theirSaaS applications, as it allowed the IT team to set dynamic policies that auto-expire access to data assets after a predetermined period of time. This enabled the team to limit the growth in externally shared data access by not disallowing indefinite access. Sisense was enabled to remediate the access to lists of users or to an entire domain once that business relationship had come to an end, saving valuable time and resources and giving them the confidence that they no longer have unauthorized data exposure risks.

In addition, the DoControl solution provided continuous monitoring across all of their SaaS applications, including the auditing capabilities that would  monitor data exposure for the period prior to employees resigning from the company.

The DoControl Impact

DoControl is now an integral component of Sisense’s security environment. Sisense now benefits from having a single, centralized location where they can implement security policies around data access and sharing, consistently across all our SaaS applications - as opposed to managing each one individually. Based on best practices and policies per each department provided by DoControl, the IT team was enabled to create granular policies for different users and groups within the organization. This enabled them to collaborate internally and externally while mitigating the risk of data exposure, data exfiltration, and a major security breach.

The Sisense IT team now has the visibility to feel confident in knowing who is accessing specific sensitive company data, how they’re utilizing it, and who they’ve shared access with both internally and externally. The team can now take a risk-based approach to audit reviews by  easily pulling event activity audit logs to perform security checks that present higher levels of risk. Through the automated workflows provided by the DoControl solution, Sisense have automatically mitigated data access security risks at scale, and enabled their IT team to focus on other strategic projects.

‍