adair Use Case
Challenge
adair is a startup that has developed a fully automated behavior mining for measuring how changes impact teams in organizations. Leveraging over 60 years of quantitative sociology on group behavior, adair replaces guesswork and intuition with pinpoint certainty. This approach drastically enables insights into organizational behavioral patterns and avoids employee dissatisfaction and other related issues with unhappy employees.
Rolling out software to achieve the above objectives requires modern infrastructure; hence adair leverages Amazon Web Service to deploy its software. This drastically reduces friction and allows adair‘s customers to quickly and flexibly access the adair platform.
adair collects employee data via a survey. Due to the sensitivity of this data, security and privacy mechanisms are imperative. Despite the use of several techniques to anonymize the data, the security of adair‘s AWS infrastructure is critical, and it is crucial to prevent data breaches and reputational damage.
This task has taken a lot of time and resources so far. Energy that a startup would rather invest in other activities.
Solution
To support adair‘s security and privacy challenges, Mitigant connected with the adair team to understand their challenges and expectations. Afterward, adair‘s account was linked to Mitigant CSPM and analyzed for security issues and compliance violations. Due to efficient automation, the entire process, from connection to result generation, took less than 30 minutes.
The result provides deep visibility into adair‘s resources, allowing them to have an asset inventory. Furthermore, it measures the security and compliance level for several cloud security benchmarks, including HIPAA, AWS Foundational Best Practices, NIST, BSI C5, and CIS.
Result
adair used the assessment result of Mitigant CSPM to improve the security posture of their AWS infrastructure. As a result, a number of security and compliance violations were remediated in the process.
Given that the assessment automatically runs daily, the adair team is continuously informed of new security and compliance findings. Similarly, they are notified of the current state of cloud resource drift, i.e. resources that are either created, deleted, or modified.
This saves over 80% of the time previously required for these tasks and provides more customer trust for adair‘s customers.