Rho is an all-in-one finance platform that offers fully automated solutions for accounts payable, cards, expense management, and treasury.

The Challenge: Flexible just-in-time access done right

Rho operates in a market that is strongly regulated, and they were looking for a solution to help them meet access control requirements. They also needed a solution that could seamlessly integrate with their existing environments.

The Apono Solution: Customizable Just-in-Time Access

With Apono, Rho can now deploy temporary just-in-time access across all of their environments – while maintaining compliance with strict regulations.

Top-Tier User Experience

Apono is a DevOps-first solution that prioritizes an easy-to-use experience for the end users. Simplify sending access requests, managing approvals, and integrations with the most popular third-party vendors.

Empowering Developers and DevOps

Leverage Apono’s robust API for easy integrations to additional resources and connections to your existing tech stack. It works right out of the box, but also empowers you with next-level customizability and control.

Automated, Granular Just-in-Time Access

Access is tailored to the task at hand in both granularity and duration by issuing just-in-time permissions that can be revoked after a predefined period, or when a task has been completed.

Auditability & Accountability

Have a strict audit of who accessed what, when, and why – all under one unified control plane. Maintain compliance with strict industry regulations at all times with continuous least privilege access to the production environment or sensitive data.

A leader in the Human Resources and Recruitment Optimization space has expanded its operations to new AWS regions and requires a manageable, dynamic, and secure way to manage access and to adhere to customer requirements while maintaining operational needs.

The Challenge

The company would like to provide developers access to MongoDBs on its production environment. To comply with customer compliance restrictions and to prevent human error, it requires:

Right-Size IAM – Grants developers “Just-Enough” access to resources for a “Just-in-Time” duration, reducing the chance of human-error and adhering to customer requirements. 

For example:

Read-only Access to Production MongoDBs – On demand Via ChatOps

Read/Write Access to Production MongoDBs – On demand Via ChatOps with Approval

The company needed a robust solution that would provide the following:

• Scalability –The company had developed an internal solution that was not able to meet its growth. It requires a solution that can meet any scale of operations.
  
  

• Full Audit Trail – A solution that will document each step of the request/approve process including access justification, enabling full transparency of customer production access whenever it is required.
  
  

• One-Stop-Shop – A single solution that will manage permissions across all of the organization’s cloud resources:
  • MongoDB
  • Kubernetes
  • S3
  • PostgreSQL
  • ElasticSearch

“We rely heavily on MongoDB in our production environment. Managing access to it has proven to be a challenge to say the least. Our internal solution had its glory days but was unable to meet our welcomed growth.”

DevOps Lead @ HR Company

The Solution – Apono Dynamic Access Flow

Using Apono’s platform, the company now has the ability to meet all the project requirements:

Automatic granting of Read access to developers who are within context and belong to the designated group, see access flow below:

ChatOps – Using the organization’s Slack tool, developers can now request Read/Write access in a simple, intuitive way.

• Scalability – Apono’s access flows can meet any scale and do not require adjustment according to growth.
  
  

• Full Audit Trail – Each action taken by the requester or approver and justification is recorded and can be viewed.
  
  

• Centralized Management to all cloud resources improves DevOps productivity while reducing MTTR.