ActiveFence empowers online platforms to be proactive and thorough in uncovering and responding to platform abuse. Their Trust & Safety solution brings together machine learning, proprietary datasets, generative AI and a nuanced understanding of the threat landscape to enable precise, scalable detection of harmful content, ensuring platform user trust along with regulatory compliance.
Challenge
Prevent external overexposure of SaaS assets
Like many companies, ActiveFence uses their SaaS systems to facilitate communication and collaboration between company employees and external contractors. While this setup enhances productivity, it can also create security holes, especially when assets shared with external parties are forgotten about or permissions are given indiscriminately.
ActiveFence wanted a way to both detect all externally shared assets that should not - or no longer - be available externally. They also wanted to prevent overexposure going forward, but without compromising business innovation and productivity. Fortunately, they found DoControl.
Solution
Auto-remediation with end-user involvement + bulk historical remediation using DoControl
Data security-conscious ActiveFence had two corporate Google Workspaces: one for ActiveFence employees and one for freelancers or any other third party. Naturally, asset sharing from the internal Workspace to the freelancer Workspace was a common occurrence. DoControl enabled ActiveFence to set up automated workflows to monitor external shares, both in Google Workspace and in the company’s Slack channels, and protect assets from overexposure.
One powerful workflow used by ActiveFence starts a 90-day timer any time a user shares an asset externally. At the end of the 90 days, a Slack bot asks the user if the asset should still be shared. If the user answers in the negative - or doesn’t respond - DoControl auto-remediates the exposure, removing the external access permission.
ActiveFence also made significant use of DoControl’s historical remediation ability to remove permissions from overexposed assets at scale and with minimal time investment.
My perspective as a CISO is one of business enablement. It’s about creating a framework of risk reduction that is barely noticeable to the business users, but mitigates threats so that they can innovate safely. With DoControl, I can enable asset exposure while easily - and without too much team time and involvement - preventing it from becoming overexposure. DoControl makes a business-empowering, effective risk management framework possible.
Guy Stern, CISO at ActiveFence
Results
Sharp decrease in overexposed assets and in time required for remediation
By leveraging DoControl, ActiveFence achieved a 78% decrease in shared public assets and a 50% decrease in externally shared assets. DoControl’s bulk historical remediation capability enabled ActiveFence to swiftly and easily decrease overexposure by removing 15K no-longer-relevant permissions - with a few clicks. If they had needed to track down all of these overexposed assets and change their permissions manually, it would have taken over 800 hours of work!
DoControl’s granular automated workflows streamline routine information security tasks like detection and incident response, freeing up ActiveFence’s CISO teams to focus on strategic initiatives that contribute significantly to the business.