This award-winning access management project uses automation to streamline access requests and curb security risks.
As an e-discovery company that helps law firms, corporations, and government agencies mine digital data for legal cases, Relativity knows the value of guaranteeing that people have the appropriate level of access to do their jobs.
Access management is crucial in the legal world because cases depend on financial records, medical records, emails, and other personal information. Unauthorized access to this sensitive data could violate privacy regulations, compromise client confidentiality, or possibly trigger a data breach.
Halfway through 2022, Relativity realized that managing access to its government cloud environment had become a slow and manual process for its internal teams, which increased the risk of human error and overburdened security staff. The company set out to implement automation tools to streamline access management, and by December 2023, a new automation process was fully deployed.
“With this project, we saw an opportunity to use automation to save time for our experts and limit the number of people internally who needed authorization to product environments,” says Marcin Święty, CSO at Relativity.
Accelerating and safeguarding access controls
The main challenge for Relativity was that access to the government production environment was extremely limited. Only one person at a time with public trust certification could access and make changes to the environment, which slowed the build process.
To remedy this, Relativity’s in-house security team, Calder7, deployed a medley of automation tools, including:
- CoastGuard: CoastGuard, Relativity’s Kubernetes permission management tool, automatically detects when new namespaces and resources are added to an environment, revokes permissions after a fixed time period expires, and removes users from groups.
- A Just-in-Time Self-Service Application: This tool uses automation to run background checks on users before granting them access as well as ensure users are given access only when it’s needed based on their permissions.
- Access Matrix for its RelativityOne Government product: An Access Matrix’s main feature is it automatically flags permission discrepancies and instances of “access creep,” i.e. when employees have more access than they need to do their jobs.
“The standout part of this new automated system is that internal users can request access to the specific resources they need, whenever they need them,” says Święty. “There’s no more waiting for their requests to be manually reviewed.”
Święty praises how the access management tools work in unison to automatically validate user access.
“Altogether, these automation tools have improved both security and efficiency,” he says.
Automating access saves precious time, reduces risks
Święty measures the impact of Relativity’s access management automation project in terms of both access and time.
“This project increased our in-house security team’s capacity by 20% because they no longer have to spend so much time reviewing access requests manually,” he says.
“We’ve also seen fewer manual access requests overall because the CoastGuard deployment for the government cloud now handles these automatically. This has saved a lot of time while also making the interactions more secure.”
Thanks to the new automation process, Święty says, engineers can now get access to their namespaces in less than a day, compared to the previous average of five days. With more detailed control, clearer accountability, and a faster approval process, the Relativity security team has reduced the risk of human mistakes and minimized security threats related to inefficient access management.
For its access management project, Relativity earned a 2024 CSO Award. The award honors security projects that demonstrate outstanding thought leadership and business value.
Ultimately, automating access management strengthens security
Relativity learned that manually managing data access is a recipe for delays and human error, both of which create security risks.
By automating access management, Relativity can now confirm that only the right people have access to the right data when they need it, without waiting for manual approval. Automation also ensures that access permissions are reviewed regularly and revoked when no longer needed. This keeps the data more secure and allows Relativity’s security team to spend time on urgent issues rather than routine access approvals.
“We plan to keep using automation to strengthen our security systems,” Święty says. “As cyber threats keep evolving, we need to stay ahead, and automation plays a big part in helping us do that.”
Mark your calendars, CSO Conference 2025 will take place 10/20/25 – 10/23/25 at the Grand Hyatt Indian Wells Resort & Villas in California.
Register now for our upcoming security event, the IT Governance, Risk & Compliance Virtual Summit on March 6. Learn more here.
Read More from This Article: Relativity reaps the rewards of automated access management
Source: News