The Security Director of a US InsurTech company knew he had to find a way to keep sensitive data safe in his fast-growing company. Read more about how Metomic helped him to sleep better at night.
The US InsurTech company has revolutionised the auto insurance industry, providing speedy access to insurance, hassle-free cover and true value for money. Powered by award winning cloud first technology, they deliver the industry’s fastest claims, easy payments, and exceptional services.
For most scale-ups, calling yourself ‘hypergrowth’ is an honor but it certainly comes with many challenges. In just 5 years, they scaled from 0 to 500 employees and were handling increasing amounts of sensitive data about their customers as their consumer popularity grew. As a cloud-first company that embraced popular tools like Slack and Google Drive, and with most of the workforce working remotely, ensuring that this customer data did not become over-exposed was key.
The challenges we faced were magnified because of the speed of our growth. We are a SaaS first company, people are now more remote which magnified the risks of having sensitive data risks. It's easy to make a mistake, so we needed to put guardrails in place to help people.
The Director of Security acknowledges that the problem is a human one, and employees might not be malicious, but they can make mistakes. ‘At the end of the day, we are always trying to protect our customers but people can make mistakes - so we needed a tool to help us’, said Director of Security.
Keeping their customers' data safe is a top priority for them. They needed a way to identify, alert and remediate sensitive data risks on autopilot, so that they could focus on delivering the best experience possible for their customers. It was important to them to achieve four main things:
1) Help discover the location of sensitive data across SaaS apps
2) Minimize the risk of malicious attacks
3) Educate and alert employees to risks in real time
4) Receive prioritised alerts so that there would be little extra workload for the small security team
They had already invested in several security platforms and even in Data Loss Prevention tools (DLP) but they still felt they had gaps that couldn’t be fitted. In fact, the security team was taking a manual approach to reviewing Google Drive for sensitive information on a weekly basis. They chose to invest in market leading SaaS data security platform Metomic, to help them save operational costs and plug these gaps.
'Metomic fills a niche that other platforms really don’t. It is able to identify sensitive information wherever it lives and it exposes blind spots for us, even though we have other security platforms and DLP tools in place,' the Director of Security said.
Within hours of integrating Metomic, they were able to identify some key sensitive data risks. ‘We found credit cards, security keys, email addresses,
drivers license numbers and more,’ said the Director of Security. 'This was an exciting output that we obtained without an impact on our existing
operations.'
As with any security solution, getting targeted insights and meaningful alerts is key to reducing ‘alert fatigue’. This was a top criteria they set. The result has been little additional effort needed from the security team to significantly reduce business risk.
'Metomic helps us resolve threats on autopilot to remove human error. It distills down thousands of data points and filters it back to us so that we can see the information that is important to us.'
Using Metomic is easy but the value is spread across several key departments in the business. ‘Within the company, many of our teams use Metomic,’ shares the Director of Security. ‘For example, our compliance teams use Metomic to identify sensitive information. IT teams use Metomic to educate people on what issues there are with sensitive data and our security team uses Metomic to actively prevent data leaks.’
Since implementation, Metomic has discovered and remediated over 19,000 risks, all on autopilot. This has saved the company 10+ hours of manual data discovery per week. All in all, the Director of Security couldn't be happier.
'Metomic gives us all peace of mind,' he says. 'We know that we have reduced the footprint of sensitive data exposure and that helps me sleep at night.'
The partnership between Metomic and the US InsurTech company continues to flourish. They are now benefiting from an integration with Zendesk, which was built around their requirements.
'Metomic was able to build an integration, help us find information right away and help reduce our risk. As a team, they make commitments and deliver rapidly and generally without mistake. It’s been a great partnership. They truly listen and take action. We really appreciate that here.'