privileged access reduced.
access tickets automated.
4 min. average TTR.
A story by Christian Wimpelmann, Manager, Identity and Access Management, Code42

How Code42 Automated IT Tickets and Reduced Privileged Access by 67%

“Providing an easy-to-use solution for access requests and reviews that saved us time and made us more secure was the top goal for my team. We got that with Lumos.”

The Challenge

Christian Wimpelmann, Manager, Identity and Access Management:

I’m a big believer in least-privilege to protect against insider risk. Least-privilege to me means giving the right employees the right access for the right amount of time. Anything more than minimum access is an inherent security risk, whether from a malicious employee, compromised endpoint, or just an honest mistake. I wrote more about that here.

Now, before we could make progress on our least-privilege initiative, we had to automate how we grant access. My team and I were stuck using an old, manual process to manage our access request tickets. It took far too many hours to chase down approvers and provision access.

I wanted to find an automated solution for access requests that not only integrated well with Okta and Slack to reduce the level of change management, but also allowed me to enable least privilege best practices.

The Priorities

1. Automation

My team would spend hours every day on access requests. We needed to automate these to get time back for more important security projects.

2. Compliance

User access reviews were still being done through spreadsheets. I wanted a streamlined solution that would collect all our data in one place.

3. Security

Reducing the threat surface area was top of mind for our IT team. We wanted to make our systems more secure.

The Solutions

Automating IT Tickets with Slack

On average, employees were making 100 requests a week. My team could take anywhere from 4 hours to a couple of days to see a ticket, find the relevant app admin, and provision access for a single ticket.

Through leveraging Lumos’ Slack-first experience, employees can request apps directly in Slack and get access to applications within minutes.

Improved Security with On-Call Break Glass Access

Our engineers can swiftly develop features and address issues, ensuring the safety of sensitive data. Using features like pre-approved groups, verified on-call engineers can get access to sensitive databases within seconds when an incident occurs.

Added to that, my team knows Lumos will remove access within a few hours through leveraging time-based access. Happy engineers. Happy security team. A win-win situation.

Streamlined Access Reviews

We are FedRAMP, SOC2 and ISO27001 certified, which makes access reviews especially important. My team no longer has to worry about working in spreadsheets, chasing down reviewers, data integrity issues, and manually creating reports for auditors. Lumos automatically pulls all the information my team needs through deep app integrations in one place.

Relevant reviewers are notified via Slack or email. They can come back to Lumos to complete the access review, and I can generate audit reports with the click of a button. I can now run double the number of access reviews, and also use all the time saved for more impactful projects.

The Impact

Reduced Privileged Access by 67%

Before Lumos, we granted permanent access to sensitive apps with no visibility into users or time requirements. With Lumos, we were able to deploy time-based access for our most critical applications, ensuring employees got the right level of access for a limited period of time, helping to reduce privileged access by 67% across our tech stack.

Improved Security Posture by 30%

We conduct annual internal security reviews to assess our security posture. Lumos was able to help improve our security scores on access controls by almost 30%. My team sleeps better at night knowing Lumos has helped reduce our threat surface area.

TTR Down From Days to Minutes

I was able to gain back significant time every week for my IT team through automating access requests with Lumos. Instead of spending an average of 4 hours per ticket, Lumos handles all the work within minutes so our IT team can take on larger initiatives.

“We easily saved on software spend and delivered a fantastic employee experience even our CEO was impressed.”

Dai Phung, Head of IT – Secure Code Warrior