CO2 AI reduced provisioning time by 85% and completely eliminated shared credentials.
All-or-nothing Access Hindered Productivity and Security
CO2 AI is a sustainability management platform that helps companies measure, decide, reduce and collaborate on carbon emissions in a single and secure environment.
Before StrongDM, access to technical systems at CO2 AI was fairly all-or-nothing. The team had a small set of shared keys that passed from person to person anytime someone needed access.
Processes for requesting and granting access were convoluted and often manual. As a result, engineers required advanced knowledge just to connect to the resources they needed to do their jobs. This slowed down both access and productivity, especially for new hires.
The process to connect to a database could vary depending on where the database is, and the type of account on which it is. For some things, you need a key. Or you might need something to be activated somewhere for something. Knowing how to access one thing wouldn't necessarily help you know how to access another.
Abel EssianeHead of SRE and Infrastructure
Business Independence Made Better Auditing a Priority
Managing access with shared keys introduced risk. Since a key could grant a user access to anything, people could end up with too much privilege. They could potentially break something or make changes they weren’t supposed to make. And with no way to audit access, the risk only increased.
CO2 AI recently split off from its parent company, essentially moving from a brand-name organization to a startup. While this exciting change brought new opportunities for growth and innovation, it was potentially frightening for large corporate clients and prospects. CO2 AI wanted to prioritize its security posture and gain the trust of its customers and prospects.
“Potential clients often ask if we have SOC2 or ISO 27001 certification. I think it's going to be critical for us to do in the next year, maybe even the next 6 months."
- Abel Essiane, Head of SRE and Infrastructure
StrongDM Improved Speed and Security
StrongDM enabled CO2 AI to introduce self-service access management, which gave users more autonomy. In the past, developers could wait up to a week to get access to their resources. This lost time, cost the company about $2,300 per access request. Now, access in instantaneous-with no cost to the company.
Access also became much simpler–advanced knowledge is no longer required. According to Abel: “Now, people only have access to what they’re supposed to, and they can do it in two clicks.”
The network is also more secure. By removing the keys from developers' hands and making access granular and auditable, CO2 AI can more easily pass compliance mandates. This will “definitely accelerate our path to the certifications that will help us show that we can operate independently as we separate from the BCG brand name,” according to Abel.
“We have increased security with StrongDM, and at the same time, we can move faster. It’s a win in both directions–in speed and in security.”
-Florian Jourda, CTO