Jobs at Snoop - Otta - The only job search that does you justice

INDUSTRY
Fintech

REGION
Global

CLOUD ENVIRONMENTS

READY TO START?
Request a demo

CASE STUDY

Snoop

Snoop chooses Sonrai for total cloud security

Headquartered in the UK, Snoop is a fintech start-up established in April 2019 by a team of former Virgin Money Executives.  Using secure open banking data and advanced analytics, the Snoop app provides data-driven, personalized insights (‘Snoops’) to help consumers find their biggest money-saving opportunities. While Snoop is not a bank, it does interface with systems that handle customers’ financial information and is regulated by the Financial Conduct Authority. As such, having enterprise security solutions and a robust approach to identifying and managing public cloud risk was critical from the outset of our partnership.

Challenge

Snoop’s leadership realized they needed to secure their cloud app from the onset. Snoop wanted to build a data-driven business that was cloud-native. They were looking for a public cloud security platform that could not only protect access to their differentiated data and AI but also govern identity access to their cloud-native app.

Their team needed help with managing multiple aspects of AWS, including policy enforcement, cloud security, and governance. Risks due to security and compliance violations are huge challenges for a cloud-native company. Snoop needed a way to ensure that its own cloud-based platform was secure and configured to least privilege and other cloud security best practices.

Sonrai relieve alerts icon

Goal

Sonrai - Check mark with circles icon

Reduce Risk

To eliminate all potential identity risks, Snoop wanted to improve tracking, reporting, and monitoring of all identities – graphing all trust relationships between identities and their permissions. It was very complex to keep track of what identities had access to what in AWS and the permissions each identity may be using. They needed a comprehensive solution.

Additionally, the team at Snoop wanted to address demands associated with controlling and managing privileged access and improve processes to manage privileged identities. They spent a lot of time putting frameworks in place to ensure their data stayed in control and in their cloud. They additionally wanted to ensure policies were put in place to restrict the creation or change of risky cloud services and eliminate the possibility of risks being created in the first place.

Increase Security

Snoop’s data is their most important asset, and any disruption could be catastrophic to their business. Their goal was to manage data access in AWS effectively. The team wanted to know who and what had access to the data and what the potential risks were at all times.

Sonrai - For DevSecOps Icon

Maximize Efficiency

Snoop understands the complexity of managing roles and privileges in the cloud. Their goal was to simplify the views of their cloud and require that all ops teams leverage the native ops consoles, such as those provided by AWS, or other third-party tools. However, they understood that this could become a management headache because all of these tools are different and require specific skills.

“Securing access to our data and tracking identities in the Cloud is complex, and Sonrai understood how to simplify that from the beginning.”

Andy Makings
Head of DevSecOps
Snoop

Solution

Sonrai Dig’s identity and data security platform was the perfect fit for solving Snoop’s challenges.

Identity and access risks were easily identified and systematically removed leveraging Sonrai Dig. Snoop required the ability to move from proof-of-concept to production quickly and without complexity. They leveraged the value in gaining comprehensive visibility into their groups, policies, identities, roles, accounts, permissions, and trust relationships across all of their AWS accounts. Dig integrated seamlessly with out-of-the-box identity risk frameworks and delivered the visibility within days of all ‘effective permissions’ for data and identities and helped to remediate uncovered risks.

With Sonrai Dig, Snoop can map every trust relationship, inherited permission, and policy for every entity. They can identify all excessive privileges, escalations, and separation of duty risks across their AWS roles and accounts. The team was looking for a security platform to help monitor and track identity and data resource access.

With numerous identities with rights and privileges to access data, Snoop decided that Sonrai Dig could help them to continuously monitor both their identities and data. With Dig’s graphing technology, they are now able to map what has access to data and how that access is made possible. This enables them to enforce that only those identities needing access are provisioned. If anything changes that expand access, they are notified or access is automatically revoked with enforcement options.

Sonrai cloud policy application and enforcement image

Impact

With numerous identities with rights and privileges to access data, Snoop decided that Sonrai Dig could help them to continuously monitor both their identities and data. With Dig’s graphing technology, they are now able to map what has access to data and how that access is made possible. This enables them to enforce that only those identities needing access are provisioned. If anything changes that expand access, they are notified or access is automatically revoked with enforcement options.

Snoop leverages Sonrai Dig to govern its regulated workloads to AWS and increase agility and innovation across the team while maintaining continuous compliance. This means compliance and platform posture gaps are quickly addressed as Dig identifies problems at their source. In addition to the powerful graphing capabilities that allow Snoop to review security posture in real-time discovering any compromised workloads, open ports, or misconfigurations, Sonrai Dig allows Snoop’s admins to take the necessary actions to rapidly mitigate risk. With automated monitoring and policy enforcement, Dig helps Snoop strengthen its cloud security, simplify cloud operations, and reduce risk in their public cloud helping them get to and maintain least privilege.

Sonrai Dig allowed Snoop to de-risk its public cloud of identity and data concerns. With risks identified and removed, activity monitoring improved significantly across their AWS environment. Through identifying interactions and originating identities, Dig was able to identify and continuously monitor all trust relationships across all accounts giving comfort that any unusual activity against sensitive data would be flagged and remediated.