Case study

Why Lionbridge Chose Valence to Remediate their SaaS Security Risks

Founded in 1996, Lionbridge Technologies, LLC is the leading provider of localization and translation services, supporting over 350 languages for 2,500+ customers worldwide. As a fast-growing company with offices in 23 countries and operations worldwide, Lionbridge serves companies who depend on breaking barriers and building bridges for their customers.

Lionbridge revoked 95%

of inactive tokens without any manual effort.
of inactive tokens without any manual effort.
Collaboratively Remediate Your SaaS Security Risks- Valence- Lionbridge logo
Industry
Translation, localization and AI training
Company Profile
  • Founded in 1996
  • 6,000+ Employees
  • 2,500+ Customers
  • Primary Microsoft 365 environment with incidental use of additional architecture
Solution
Valence SaaS Security Platform

Challenges

Automated SaaS Risk Discovery & Remediation

Lionbridge empowers its employees to independently adopt the most effective SaaS applications for their jobs, enabling the organization to respond to market needs efficiently. However, an independent adoption approach has led to decreased visibility into the cloud services, SaaS-to-SaaS integrations, user identities, privileges, and data sharing permissions in place leaving the security team at a disadvantage. Manual oversight over hundreds of integrations and settings also proved to be unsustainable long term for a team committed to a lean structure with multiple high-priority projects. Finding a solution that met Lionbridge’s needs while preserving time and resources was high on the security team's wish list.

Lionbridge’s SaaS Environment

Lionbridge presented several use cases to Valence because they connect with customers through diverse methods, sometimes leveraging proprietary platforms developed internally, third party SaaS platforms, and even utilizing customer-managed solutions. Flexibility in how Lionbridge connects with their customers facilitates efficient exchange of data, content, and ideas. While their primary productivity suite is Microsoft 365, Lionbridge also operates a sizeable footprint of alternative architecture such as Google Workspace and uses business apps for daily operations, such as a Customer Relationship Management platform. Plainly stated, their SaaS mesh is expansive and complex.

Independently adopted SaaS solutions across globally distributed business units
Independently adopted SaaS solutions across globally distributed business units
Third-party integrations with high-privilege access to core SaaS applications
Third-party integrations with high-privilege access to core SaaS applications
Limited governance of email forwarding rules
Limited governance of email forwarding rules
Business requirement for greater visibility into inactive user accounts
Business requirement for greater visibility into inactive user accounts
Why Lionbridge Chose Valence to Remediate their SaaS Security Risks

An independent SaaS adoption approach led to decreased visibility into the cloud services, SaaS-to-Saas integrations, user identities, privileges and data sharing permissions.

Solution

The Aha! Moment

Valence offered Lionbridge automated SaaS discovery and remediation, giving the security team unified visibility and control over risk across SaaS services while empowering business users by including them in remediation workflows.

When Lionbridge conducted a Proof of Concept trial with Valence they were surprised by the volume SaaS applications present, including over 1,000 SaaS-to-SaaS integrations. All of their SaaS apps fell into two categories: those which were configured and deployed through official methods and which were known to the security team, and the rest which were independently adopted and integrated by business users.

Quote

“The ability to automatically mitigate SaaS security risks is a game changer for our security team. Instead of executing manual and labor intensive workflows, Valence’s self-governance workflows automatically collect the required business context, educate business users about SaaS risks and encourage them to remediate risks on their own.”

Doug Graham, Chief Trust Officer

Results

Setting policies was simple and efficient. Lionbridge was able to revoke 95% of obsolete or inactive tokens almost immediately. More than 20% were revoked by business users themselves with guidance natively available through Valence’s remediation workflows. Business users provided justification for 5% of the tokens and 75% were revoked automatically by Lionbridge through Valence after the security team deemed them obsolete.

Today, Lionbridge oversees fully automated remediation workflows, replacing previously manual processes and time-consuming analysis with efficient oversight. Now configured, Valence can run without human interference. Nevertheless, Lionbridge retains the ability to log into the Valence platform to gather metrics for reporting purposes. By engaging with business users, the tool also increases education and awareness across the organization about good SaaS security hygiene.

As Lionbridge received regular updates, upgrades, and new features, they have expanded their remediation workflows to detect and eliminate external data oversharing, overprivileged and inactive user accounts, and unrestricted email forwarding rules. With Valence’s reporting
mechanisms, the security team can now demonstrate the efficacy of SaaS integration management while reducing their corporate attack surface.

Detected and cataloged more than 1,000 SaaS-to-SaaS integrations
Detected and cataloged more than 1,000 SaaS-to-SaaS integrations
Approximately 95% of inactive or obsolete integrations were deprecated via token revocations
Approximately 95% of inactive or obsolete integrations were deprecated via token revocations
Classified high-risk and privileged-access integrations for immediate action
Classified high-risk and privileged-access integrations for immediate action
Achieved 100% visibility and governance of unmanaged email forwarding rules
Achieved 100% visibility and governance of unmanaged email forwarding rules
Identified approximately 10% of user accounts as dormant, resulting in increased resource availability and cost savings through account deletion or archival
Identified approximately 10% of user accounts as dormant, resulting in increased resource availability and cost savings through account deletion or archival

Benefits

Enable Business Productivity

Reduces time and effort by replacing manual efforts with automated SaaS security remediation workflows

Enable Business Productivity

Engages and educates business users on SaaS security by requesting justification and sharing best practices

Enable Business Productivity

Creates security boundaries around email forwarding rules

Enable Business Productivity

Simple and easy policy creation, yielding immediate results

Download the PDF

About Valence Security

Valence is a SaaS security company that enables visibility into SaaS risks and automates remediation. The Valence platform manages risks associated with data shares, SaaS-to-SaaS integrations, identities, and other misconfigurations. Customers can leverage automated workflows to collaborate with business users to contextualize and remediate risks.

About Valence security
Valence Security: Collaboratively remediate your SaaS security risks.
611 Gateway Blvd Ste 120, South San Francisco, CA 94080
Platform
Platform Overview
SaaS Security Posture Management (SSPM)
SaaS Risk Remediation
Identity Threat Detection and Response (ITDR)
Use Cases
SaaS Configuration Management
Manage Misconfigurations and Drift
Comply with Industry Standards
SaaS Identity Security
Ensure Strong Authentication
Review User Access
SaaS-to-SaaS Governance
Govern Non-human Identities
Discover Shadow AI
SaaS Data Protection
Reduce Data Exposure
Identify Exposed Data
SaaS Threat Detection
Detect SaaS Threats
Hunt SaaS Threats
Resources
About
Schedule a Demo
Contact Us
info@valencesecurity.com
Login
Valence Linkedin profileValence Facebook profile
Copyright © 2024 Valence Security | All rights Reserved | Privacy Policy | Terms of Use |