Clarity AI is a sustainability technology platform that uses machine learning and big data to deliver environmental and social insights to investors, organizations, and consumers. As of May 2022, Clarity AI’s platform analyzes more than 49,000 companies, 220,000 funds, 198 countries, and 188 local governments and delivers data and analytics for investing in corporate research and reporting. Clarity AI has offices in North America, Europe, and the Middle East, and its client network manages tens of trillions of assets under management. With a fully-remote workforce spread across multiple continents, Clarity AI faced a unique challenge: how to implement Zero Trust while maintaining a flexible, productive environment for its developers.
StrongDM provided a solution, helping Clarity AI improve its security posture and eliminate its VPN. Now, developers can connect to resources quickly and efficiently, and admins have the ability to audit user activity.
"It was easy to implement, and the support is great … We’re really happy with StrongDM." -Luis Cuervo, IT and security manager at Clarity AI
Temporary Access Across Multiple Time Zone
Before StrongDM, the development team at Clarity AI used an OpenVPN server that they implemented in AWS. Clarity AI has a fully-remote workforce operating from locations around the globe, and admins needed a way to manage temporary access across multiple time zones. According to IT and security manager Luis Cuervos, “The VPN was a nightmare.”
Users requested access via Slack and would receive temporary credentials to connect to the VPN and all of their resources. This process of access management placed an undue burden on administrators. When users connected to the VPN, they had access to the whole infrastructure. Auditing was minimal and only happened in broad strokes. Admins could review who connected to the VPN but could not see who connected to the databases or what commands they entered.
The company wanted to improve its security posture and streamline access. They recognized that the VPN had the potential to become a central point of failure and decided to implement a Zero Trust strategy.
Clarity AI Researches Zero Trust Solutions
The team at Clarity AI discovered StrongDM while researching how to implement Zero Trust. IT and security manager Luis Cuervo did his due diligence, evaluating StrongDM and its competitors before presenting his recommendations to the CTO and finance team. Ultimately, the choice to go with StrongDM was easy.
"We tested out StrongDM and other competitors. In the end, StrongDM was the one that fit our needs." –Luis Cuervo, IT and security manager at Clarity AI
Why StrongDM? Luis says, “The CTO was happy because implementing StrongDM was a big improvement in our ways of working.” And the finance team was happy with StrongDM’s billing structure. Competitors charged per resource, which quickly got out of hand. For a startup like Clarity AI, paying per user makes it easier to control the cost.
But the greatest feature of StrongDM has been its Customer Success and Support teams.
The support to us has been really, really, really great. We asked for an introductory meeting for developers to explain how everything works, and StrongDM was happy to provide it. It's something that we haven’t seen with other tools.
Luis CuervoIT and Sec
StrongDM Supplants VPN and Improves Visibility
Clarity AI’s developers loved how easy StrongDM was to implement. With StrongDM, tools and processes felt familiar. Engineers didn’t need to overhaul scripts. End users could access databases using their preferred clients. According to Luis Cuervo, “it was flawless.”
Clarity AI was able to eliminate its VPN after deploying StrongDM. As with any significant change, this brought some initial apprehension. Would work be disrupted? Would there be a steep learning curve?
After deploying, StrongDM quickly became the preferred way to request and grant access. StrongDM eliminated the VPN issues that regularly required troubleshooting. That meant less frustration for developers and less distraction for Clarity’s Support team.
StrongDM speeds up the onboarding process for new hires. By automating the steps that used to require manual intervention, StrongDM helped administrators focus on more strategic tasks. StrongDM’s Support team played a crucial role, offering best practices and advice as Clari automated these workflows.
StrongDM also speeds up the process to request and receive privileged access. StrongDM’s Slack integration allows developers to request just-in-time privileged access directly within chat. These requests are automatically routed to the appropriate managers for review and approval, eliminating unnecessary delays.
The ability to audit user activity has been a meaningful improvement for Clarity AI. Before StrongDM, admins had limited ability to audit user sessions. For example, Clari was not able to monitor user IPs, because the IP collected was internal to the VPN.
"With StrongDM, we have a lot of information about what the users are doing in their databases with the RDP logs." -Luis Cuervo, IT and security manager at Clarity AI
StrongDM’s comprehensive audit logs make it easy to answer who did what, where, and when across their entire backend infrastructure. This is a huge benefit to an organization that prioritizes transparency and fact-based decision making. With StrongDM, Clarity AI is able to monitor every query and command, which offers crucial detail to enforce new security policies and prove ISO 27001 compliance. Says Luis, “One of our high priorities [in the near future] will be to implement ISO 27001. With StrongDM, we are prepared.”