SimilarWeb case study

Company

SimilarWeb logo

Industry

Technology

Featured DoControl Champion

David Sharvit, Security Engineer

About SimilarWeb

Similarweb is a digital intelligence provider for enterprise and small to mid-sized business customers. Similarweb ranks websites and applications based on traffic and engagement metrics. Its ranking is calculated according to the collected datasets and updated on a monthly basis with new data. The ranking system covers 210 categories of websites and apps in 190 countries and was designed to be an estimate of a website's popularity and growth potential. The platform provides web analytics services and offers its users information on their clients' and competitors' web traffic and performance.

DoControl Enables Secure Access to Critical SaaS Applications for SimilarWeb

SimilarWeb leverages Software as a Service (SaaS) applications such as Google Drive, Box, Slack and Salesforce to enable productivity throughout their workforce. The security team’s number one focus is to protect their customer, employee and company data – most of which resides across these critical applications. They were concerned about certain groups and domains within the organization that had regular access to sensitive assets and files. The ongoing use of these applications made it nearly impossible for the team to apply effective data access policies that enforce the same levels of security and control across the different SaaS applications being utilized.

The built-in security features were not advanced or granular enough to implement the controls they needed to mitigate the risk of a data exfiltration or a larger scale cyber attack. The rate in which assets were created and shared across all the various users (both internal employees and 3rd party vendors) created a scalable security problem. There were also concerns around departing employees taking sensitive company data prior to their departure. Relying on the native security functionality of each application, or trying to address these challenges through manual process was ineffective and did not scale. SimilarWeb was looking to centralize secure access to the critical applications being utilized to drive their business forward.



DoControl - SaaS Data Access Control- Quote icon

“The DoControl solution provides us with the visibility, control and enforcement capabilities we need to deliver secure access to our critical SaaS applications and data.”

David Sharvit, Security Engineer, SimilarWeb

Foundational Data Access Controls to Enable the Business

DoControl provided SimilarWeb with a complete inventory of their SaaS assets, with a full mapping of ownership and the associated data access enabled for each. The security team now had end-to-end visibility of their SaaS landscape, allowing them to establish a standard baseline for both internal and external end user activity. DoControl’s continuous monitoring of SimilarWeb’s environment automatically identified high-risk events and deviations from that baseline, allowing the team to investigate anomalous events before they caused irreparable damage to the business.

 

The DoControl Impact

The security team created automated security workflows and remediation policies that revoked specific users' access, as well as removing the public sharing of files after a predetermined amount of time. The DoControl platform delivered rich data enrichments from all the SaaS events and activities across SimilarWeb’s SaaS application estate, as well as adding a new layer of preventative controls to mitigate the risk of data overexposure for groups and domains that presented higher levels of risk. For departing employees, access across critical SaaS applications were automatically shut off when their Human Resources application triggered employment status changes. Further, DoControl enabled the team to identify and remediate any lingering access the former employee may otherwise retain and eliminate access points, protecting SimilarWeb from data exfiltration.



KEY BENEFITS

  • Centralized enforcement of data access control policies across every identity and entity
  • End-to-end visibility across all SaaS user events and activities 
  • Operational efficiencies through ‘risk-based’ security workflows
  • Automated risk remediation of data exfiltration, data overexposure, and cyber breaches
Did you know that, on average, companies that allow external sharing of SaaS data assets have data that has been exposed to 42 4th-party domains?

Did you know that, on average, companies that allow external sharing of SaaS data assets have data that has been exposed to 42 4th-party domains?

This stat comes from the industry report we published earlier this year: The Immense Risk of Unmanaged SaaS Data Access. It’s a great read. We recommend you check it out.

DoControl-CTA demo image

Automated data access controls to improve security and operational efficiency with ease of use

See a live demo
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Our latest tips, insights, and news
Get updates to your inbox