OpenWeb Achieves Least Privileges with Automated JIT Access

Secure Developer
Access to Production RDS at Scale

OpenWeb – Case Study

Founded in 2012, OpenWeb partners with publishers and brands to help build direct partnerships with their audiences.

The company has raised over $390 million in funding and has acquired 3 companies since its establishment.

Head Count

400+

Locations

New York, Tel Aviv, Toronto, San Diego, London, Paris, Kyiv

The Challenge:
Secure Access At Scale

OpenWeb’s meteoric rise to success came with new security needs and a more scalable access management solution that ensure no standing privileges are risking the organization.

01

Reduce Friction Between Departments

Loved by both DevOps and developers, a solution that does not disrupt operations and can be accessed by the organization’s SSO (AWS Identity Center).

02

Continuous Access Monitoring & Conversion to Auto-Revoked Policies

Monitor unused access and over-privilegeswith “Just-in-Time”, “Just Enough” conversion suggestions

03

Just-in-Time (JiT) Access for Developers and Support Personal

Auto-revoked access in accordance with OpenWeb’s access policy.

We’re looking for something that will allow us to achieve our goal, which is to create a cloud environment with minimum roles, almost no roles, and provide just-in-time access for our developers and support personnel, and we looked for a solution that’s very easy to use that both developers and DevOps love.

CTO & CISO @ OpenWeb

Before we had Apono, developers who needed access to fix something in production or look into a database, they actually had to connect with the DevOps team to get permissions. It might take time because the team is busy, so in certain cases they actually got more privileges than needed

CTO & CISO @ OpenWeb

The Apono Solution:
Dynamic Access With Least Privileges By Default

Using Apono, OpenWeb is able to securely provision temporary permissions to sensitive resources that can be accessed via the company’s SSO portal (IAM Identity Center), reducing the risk of standing privileges while maintaining productivity

01

Reduce Friction Between Departments

Loved by both DevOps and developers, a solution that does not disrupt operations and can be accessed by the organization’s SSO (AWS Identity Center).

02

Continuous Access Monitoring & Conversion to Auto-Revoked Policies

Monitor unused access and over-privilegeswith “Just-in-Time”, “Just Enough” conversion suggestions

03

Just-in-Time (JiT) Access for Developers and Support Personnel

Access that is tailored to the task at hand in both granularity and duration