Syte is a provider of visual Artificial Intelligence (AI) technology that aims to improve retailers’ site navigation, product discovery, and user experience by powering solutions that engage and convert shoppers. The B2B enterprise's solution includes camera search, augmented site search, personalization engines, and smart in-store tools, empower shoppers to discover and purchase products instantly. Syte is transforming the way people search and shop online.
Like many modern businesses, Syte’s workforce was creating and sharing files in high volume to drive business enablement. The amount of assets being created combined with the high frequency in which they were exchanged between users internally and externally introduced the high risk of data overexposure and exfiltration. In some instances, Syte’s Software as a Service (SaaS) application data and files (Google Drive, Microsoft OneDrive, Slack and Salesforce) were being made public in order to conveniently collaborate and enable a productive workforce.
The InfoSec team was challenged by the lack of consistent data access security controls in their SaaS environment. The variation of secure file sharing functionality within each application differed dramatically, and leveraging the native capabilities of each created an environment whereby security became decentralized. They had no easy way to gain visibility into the sensitive assets being accessed to better understand what actually needed to be protected. Another concern was the lack of access controls over departing employees; the team needed to prevent company data from being distributed to private email accounts in the event of employment status changes.
DoControl provided Syte with automated risk remediation of data leakage and exfiltration. The InfoSec team was now able to address the scalable problem they were faced with by creating and applying dynamic policies that provided consistent security throughout all the SaaS applications being utilized. After implementing DoControl, the team was able to establish data access governance from a single control point, allowing for secure file exchange and collaboration across all identities and entities. Syte now had the insight they required to control how their users were accessing, manipulating, and sharing sensitive data.
Syte had previously discovered incidents of departing employees taking sensitive company data with them upon their departure. The IInfoSec team was able to establish automated workflows that revoked access to specific applications and files as soon as employment status changes were triggered within their HR application. With DoControl, they were able to mitigate the risk of sensitive files from being overexposed and exfiltrated.
Barak Blima, CISO, Syte
In addition, Syte integrated their endpoint detection and response (EDR) solution – Crowdstrike Falcon – with DoControl to further protect their workforce identities and applications. The integration united CrowdStrike’s endpoint telemetry and detections with DoControl’s asset management, continuous monitoring and automated security workflows, providing a powerful and comprehensive view of Syte’s SaaS applications and the ability to remediate users’ access to any malicious files. By combining DoControl and the Falcon platform, Syte’s InfoSec team could now focus on what matters most: quickly finding and remediating threats that exist throughout all critical endpoints and SaaS applications.
The DoControl solution has enabled Syte’s SaaS data to be automatically monitored and protected against malicious activity, ensuring that no unauthorized user has access to sensitive company data. The InfoSec team could perform access reviews seamlessly using the DoControl platform, providing a deep audit trail of end user access activity that supported internal audit policy requirements. The team is now better equipped to effectively investigate SaaS data leakage events that present material risk to the business, as well as focus their attention on more mission critical tasks. The integration of DoControl with Crowdstrike provided comprehensive protection and improved the security posture of their endpoints and SaaS applications being used to drive their business.
This stat comes from the industry report we published earlier this year: The Immense Risk of Unmanaged SaaS Data Access. It’s a great read. We recommend you check it out.