Login Book a demo

EverC Achieves Higher Efficiency Moving to Secure Just-in-Time Access

EverC

Download Now
decor

Secure JIT Access to AWS RDS 

Case study EverC

Serving highly regulated customers, including banks, payment providers, e-commerce platforms, and marketplaces, EverC’s SaaS platform secures e-commerce growth by providing merchant risk intelligence to safeguard customer reputation and revenue.

300+

Head Count

NYC, TLV, Shanghai

Locations

The Challenge

Securely Managing Access at Scale

Provisioning access to the growing number of sensitive databases with appropriate permission sets for their rapidly growing platform team was immensely inefficient using manual processes. EverC’s financial industry customers depend on them to ensure their data’s security.

 

Enforce JIT and Just Enough Access Today

Start For Free

“Our customers come to us with serious demands for their own security. Being secure helps us win deals, and keep customers doing business with us.” – Gal Bayer, EverC’s Director of IT and Security.

Gal Bayer

EverC’s Director of IT and Security

Apono’s Solution

Implementing JIT with Ease

“As a cloud-native tool, Apono was exceedingly easy to integrate with our AWS. The platform’s ability to utilize AWS’s native tags for automated discovery of our resources made for a speedy and comprehensive setup process that got our team up and running fast.” – Tomer Cohen, EverC’s Head of Cloud Infrastructure 

Easy Integration with MySQL in AWS RDS

Apono’s continuous, automated discovery of resources throughout AWS RDS streamlined the implementation, identifying sensitive data throughout their environments.

Granularity of Privilege Management

Deep granular access controls allowed the DevOps team to grant or deny access to specific namespaces within databases, making access to multiple DBs easily available with requestable bundles

Support for JumpCloud

Integrating with their identity provider JumpCloud enabled the DevOps team to use preexisting groups for provisioning access

Book a demo

The Outcome

Less Management, More Secure Access

“The user experience from my Dev team’s perspective is much better, and for me, it’s so much easier to enforce compliance.” – Tomer 

25% Less Time Spent Managing Access

In automating their access management processes, DevOps and other teams were able to focus on growth projects instead of manually responding to requests.

Faster Access to Resources

Access to sensitive resources are available 24/7, with the vast majority requestable automatically while predefined approvers are notified directly for resources requiring manual approval.

Continuous Auditing Simplifies Compliance

Every access request with justification for why it is needed is automatically recording, streamlining audits for EverC’s ISO 27001, SOC II, and customers with PDF exportable reports.

Book a demo

Having successfully secured access to his crown jewel resources, Gal says that, “My next step is to expand the same level of discipline to our Kubernetes clusters, ensuring that all of our access there is within scope and under control.” 

Gal Bayer

EverC’s Director of IT and Security