Case study

How Databricks reduced account compromise risk by codifying IAM with Bridgecrew

  • Databricks brought on Bridgecrew to help address their cloud infrastructure gaps 
  • Bridgecrew assessed Databrick’s cloud security posture and immediately prioritized right-sizing their IAM  
  • By leveraging automation, Bridgecrew helped Databricks set policies to govern future access 

About: Founded in 2013, Databricks is the leader in Unified Data Analytics. By providing data teams with the ability to process massive amounts of data in the cloud and power it with AI, they empower data-driven decisions and the adoption of machine learning to outpace the competition.  

Industry: Analytics 

Size: 1300+ employees

Stack: AWS 

The challenge 

With a complex cloud environment and several years of cloud sprawl under their belts, Databricks’ lean but rapidly growing security team needed a jump start in securing their cloud infrastructure. Between hiring and aggressively scaling their security program, the Databricks security team was left with little time to address important cloud security best practices.

One area they needed a jump start in was creating a clean, consistent, and centralized Identity and Access Management (IAM) system. As seasoned security professionals, they understood that the longer they waited to address IAM governance, the greater the risk and time investment would be down the line. 

The solution

To augment their existing resources and start prioritizing their top cloud security risks, Databricks turned to Bridgecrew. As Databricks focused on day-to-day operations and building out their team, Bridgecrew laid the foundation for their future cloud security strategy—starting with IAM. 

Bridgecrew connected with Databricks’ AWS accounts to analyze the current state of their overall cloud security posture and set the path forward to achieving least-privilege IAM. 

“Growth of cloud infrastructure is amazing both in terms of productivity and security, however due to the ease of use in creating assets on the fly it has created a cloud sprawl problem that quickly gets out of control. One of the top challenges is in roles and permissions. Bridgecrew helped us accurately identify the IAM issues and remediate them safely without breaking anything.” 

— Caleb Sima, VP Security, Databricks 

The outcome

Through automation and the implementation of policy-as-code, Bridgecrew helped Databricks not only right-size their existing jumble of users and roles but also enabled them to set policies and guardrails to govern future access. 

In just three months, Bridgecrew helped Databricks vastly improve their AWS IAM with incredible results.

Reduced groups and roles by 75%

Right-sized account admins by 96%

Removed 100% of unused users

 

Helping Databricks reduce account compromise risk provided immediate value and has had a long-lasting impact. 

“Bridgecrew is an integral part of our multi cloud environment security program. We rely on Bridgecrew’s ability to provide policy violations in our environments in line with Databricks’ security program, remediation steps, and actions. Working with Bridgecrew has made it a great partnership for both companies.” 

— Adam Fest, Head of Security Engineering, Databricks

As continued partners, Bridgecrew and Databricks are working together to address additional areas of risk and enforce cloud security policies to enable them to scale quickly and securely.