Veza announced an integration with
Google Drive, the popular file storage and synchronization service. With
this integration, Veza customers can now secure access to files like
docs and spreadsheets that are stored in Google Drive. With this
announcement, Veza has reached a milestone of 200 integrations,
providing Intelligent Access across the enterprise with the industry's
most comprehensive coverage.
Identity is the primary avenue for ransomware, breaches, and insider
threats. According to Gartner, "Over 80% of organizations have suffered
an identity related breach in the last 12 months." Gartner, "Top Trends in Cybersecurity 2023,"
by Richard Addiscott, Alex Michaels, et al, March 2023. Recognizing
that incidents are inevitable, CIOs and CISOs must limit their identity
attack surface, enforce access policies, and follow the principle of
least privilege.
Google Drive, which includes Google Docs, Google Sheets, and Google
Slides, is a key component of Google Workspace, the subscription
offering for businesses. Google Workspace has 9 million paying customers
and over 3 billion users according to Business Insider.
Google Drive files often include sensitive corporate information.
Because access can be granted through Google Workspace groups or through
a 3rd party identity platform, it is difficult for security teams to
answer "who can take what action on what data." A misconfigured drive
can leave files accessible to anyone on the internet.
Using Veza's Access Control Platform,
a Google Workspace customer can quickly find over-privileged users in
Google Drive and monitor for excessive access to sensitive drives and
folders. It's also easy to discover folders shared with contractors,
guests, or other external parties who shouldn't have access. This
reduces the risk of damage from any compromised or misused identity, and
it also improves compliance by automating and speeding the processes of
preparing user access reviews and recertifications.
"With Veza, we are taking on cybersecurity's biggest challenge: who can
take what action on what data. Traditional identity tools of IAM, IGA
and PAM have blind spots when it comes to identity access," said Tarun Thakur,
CEO and Co-founder of Veza. "What really matters is securing access to
data, especially as sensitive data is stored in an ever-widening array
of systems, including Google Drive. By deeply understanding the
system-specific permissions as the true picture of access, Veza
modernizes identity across cloud infrastructure, SaaS apps, data lakes,
on-premise apps, and custom apps. With Veza, our customers de-risk the
breach."
With this announcement, the Veza integration ecosystem passes a milestone of 200 integrations,
providing customers with the most comprehensive coverage for identity
security. Veza integrations secure access to systems including AWS,
Azure, Box, Google Cloud Platform, Okta, Salesforce, Slack, Snowflake,
and Workday. The newest integrations include MongoDB, ElasticSearch,
Kubernetes, Confluent, Concur, Jenkins, Kafka, and many more. The
growing catalog makes it fast and easy for Veza customers to
operationalize key use cases of privileged access monitoring, cloud
access management, data system access, SaaS access security, and
next-generation IGA (identity governance and administration).
"As an insurance company, our customers rely on us to maintain a strong
compliance posture to keep their data secure," said Brad Lontz, SVP IT
and CIO at CopperPoint Insurance Companies. "Veza has given our team
unprecedented visibility to manage all identities and their access,
enforce policies, and mitigate risks. We appreciate Veza's flexibility
in adding new integrations for both common and industry unique
applications."
With this integration, Veza customers can now:
-
Discover all entities (including external guests) with access to all drives and folders
-
Monitor and alert for misconfigurations, like drives accessible to the public or guest users, as soon as they occur
-
Create access reviews for Google Drive automatically and assign review tasks to the drive owner