- A born-in-the-cloud solution for a cloud-native enterprise
- Setup and implementation in less than 30 minutes
- Controlling identity sprawl and excessive user permissions
- Authorization Graph
- Query Builder
- Open Authorization API
Bluecore enables major retail brands to deliver personalized product offerings to online shoppers with the aim of transforming casual browsers into lifetime customers. The New York-based marketing technology company leverages artificial intelligence to predictively match shoppers with products they are likely to purchase, which in turn allows retailers to personalize customer communications with 1:1 content, special offers, and recommendations delivered across email, web, paid media, social, and SMS.
Purpose-built to connect shoppers with what they might buy next, Bluecore’s marketing solution crunches quite a bit of shopper data as well as that of its retail clients. With the growing prevalence of privacy regulations like the EU’s GDPR (General Data Protection Regulation) and the CCPA (California Consumer Privacy Act), it’s become increasingly important for Bluecore to stay on top of all the data the company possesses and know where it resides, who has permission to access it, and how it’s being protected.
A cloud-based solution for securing cloud data
Bluecore is a cloud-native organization, hosted entirely in Google Cloud since day one, which was a key factor the company’s CISO, Brent Lassi, considered when he decided to engage Veza. “It was hard to find something that didn’t treat Google Cloud like a third-class citizen, which is understandable since Amazon and Azure are such big players in the space. I was reassured to see that Veza took Google very, very seriously from the get go,” says Lassi.
Since bringing Veza on board, Lassi’s team, which is charged with managing both data security and overall IT, has focused heavily on Google Cloud IAM administration from an onboarding and offboarding perspective as well as on day-to-day system management and data hygiene.
The most critical thing about data security is knowing what you have. You need to know where it is, how long you’ve had it, and how well it’s protected. Veza helps me do all of it.Brent Lassi || CISO, Bluecore
Connecting the dots across multiple user identities and their data access permissions
Identity and access controls are very complicated. There are thousands of potential permissions that can be granted to any individual. Although Bluecore has only 400 users, innumerable permissions can be assigned to those 400. What’s required is a solution that enables IT to piece through all the information and figure out what each user really needs and which permissions they really should have. “That requires a lot of data summarization. Veza’s graph solution has been incredibly helpful in that regard.”
Finding the right solution
Bluecore looked at several technologies before settling on Veza. Unlike Veza, most were excessively project or account-specific, which would have made it difficult to get a big-picture view of identity management and effective user permissions. In the evaluation process, Lassi’s team sought a solution that could meet three primary criteria:
- Supportability — could it be supported entirely by Bluecore’s security and IT organization, without any external consultants or tech support?
- Extensibility — could it plug into other systems via APIs and automation?
- Observability — could it pivot and drill down data to an almost infinite depth to simplify the complexity of cloud identity management? Veza was the only one that made the cut.
Above all, Lassi liked that Veza is an entirely cloud-based solution, in contrast to others that required on-prem components. As a pure cloud solution, Veza enables Bluecore to get an aggregate look at all its data across its various cloud projects, environments, and providers.
I didn’t have to stand anything up in my environment. All APIs are not created equal. Veza’s are very strong, and they do exactly what I need them to do.Brent Lassi || CISO, Bluecore
Up and running in less than 30 minutes
Going through a proof of concept with Veza was extraordinarily easy and it definitely influenced Lassi’s decision to go with the technology. “I personally set up the Veza integration in under 30 minutes without days and days of engineering support. The customer success people sent documentation and offered to help — I said let me give it a try myself … and, bingo, it was up and running.” Now that implementation has settled in, Lassi looks forward to Veza’s periodic customer success calls. “I always learn something new, there are features upon features that I learn about on each call. The team does a great job of guiding me to success.”
Lassi anticipates leveraging Veza to implement entitlement reviews for identity governance and compliance certifications. “I want to get to a place where I can push a button and have Veza get entitlement information and then automatically push it out to other systems and teams to be validated or acted upon.” Going forward, he sees Veza as a tactical and strategic partner within Bluecore’s information security group. “As a totally data-centric company, Bluecore can’t leave anything to chance. I haven’t seen any other tool that tells me so much about permissions and data access. Identity management is a key piece of information security and Veza is my main tool for assessing, analyzing, and keeping everything hygienic.”