I’m pleased to share the success story of one of our valued customers, Truework.
Truework, like many organisations, faced challenges in managing authorization and authentication, particularly with their AWS infrastructure. Here’s how Truework leveraged Axiom’s capabilities to transform its access management process and enhance security.
The Challenge: Homegrown Authorization and Standing Permissions
Before partnering with Axiom, Truework relied on a homegrown solution for controlling access to their AWS resources, which was primarily integrated with Okta. While this approach served their needs, it lacked the visibility and granular control that Truework desired to achieve their access and auditability goals for the business and the data in which they are responsible for. The challenge of standing permissions and a limited set of predefined roles within AWS left them continuously reviewing and approving similar, but not identical access requests via ticketing systems and accompanying code reviews which, while functional – proved to be slow and resource consuming for the Engineering, and Security Teams at Truework.
Protecting Data with Axiom
Truework recognized the need for a more robust and flexible access management strategy that aligned with their business goals and more specifically supported improving developer velocity. They realized that developing internal tools, though feasible, was not where their time should be spent in their current stage, especially when it came to controlling access to their sensitive databases. Axiom offered a compelling solution, especially regarding access to AWS RDS for MySQL and Postgres. With Axiom’s solutions, Truework gained the ability to grant time based granular access with attribution to their most sensitive datastores with ease. This newfound visibility enabled them to track who accessed their data and for what purpose, enhancing overall visibility, and security posture. The power to approve, audit and investigate data access without any hassle was a game-changer.
Streamlining AWS Access and Reducing Permission Scope
Axiom’s dynamic permission crafting capabilities allowed Truework to reduce the scope of permissions in AWS significantly. Instead of relying on predefined roles, they could now tailor permissions on the fly, ensuring that data scientists had access to specific buckets and objects only for the needed duration. This fine-grained control enhanced security while enabling data scientists to perform their tasks efficiently.
Securing Administrator Access with Axiom Workflows
Truework also benefited from Axiom’s Workflows, an automation tool that streamlined access requests for specific teams and resources. This automation eliminated the need for administrators to wait for approvals manually. Access was granted automatically, reducing friction and enhancing productivity. Moreover, it provided auditability and enforced time-boxed access, mitigating standing permission risks for the entire organization.
Enhancing Developer Experience
Truework’s engineering teams found Axiom’s Slack and WebUI interfaces user-friendly, simplifying the access request and approval process. This ease of use reduced friction compared to their previous methods. The feedback from the teams was positive, highlighting the significant improvement in the access-granting process.
Axiom as an Organizational Accelerator
Axiom not only addressed security challenges but also became an organizational accelerator for Truework’s development and data engineering teams. With Axiom’s assistance, Truework streamlined and enhanced its access management method, making it sleeker and safer.
Truework’s journey with Axiom demonstrates the transformative power of our Just-in-Time provisioning and least-privilege access workflow solutions. We are proud to have played a pivotal role in helping Truework achieve a more secure, efficient, and agile access management system.
If you’d like to learn more about how Axiom can empower your organization, please contact us. Together, we can make access management sleek, safe, and efficient for your business.