NEW YORK AND SAN FRANCISCO–(BUSINESS WIRE)–Opal today announced the closing of a $10 million Series A funding round led by Greylock. Opal’s platform enables companies to manage employee access in a scalable way with a focus on reducing the number of accesses granted. By decentralizing access management away from bottleneck teams like security and IT, Opal enables organizations to grant access more selectively, reducing their attack surface and compliance burden.
Traditionally, enterprise security has focused heavily on perimeter defense. In this model, companies attempt to stop attackers at external layers of protection like firewalls. More recently, enterprises have begun to adopt a defense-in-depth posture where perimeter breaches are assumed to occur, but internal layers of protection are also implemented to mitigate damage.
One of the main strategies is to limit the number of accesses granted to employees. The fewer accesses granted, the less damage a compromised account can cause.
However, it is difficult to limit access without hurting productivity. Employees use many complex systems in their daily work, each with their own way of defining access control. For many organizations, it’s easier to give more access than necessary, avoiding the manual overhead of granting employees only the access they need based on the principle of least privilege.
This is where Opal fills the void, implementing a culture shift where it can help organizations provide less access without compromising productivity.
By permanently limiting granted access and making it easy to quickly request additional access, Opal helps organizations embrace true least privilege. Businesses using Opal can process requests faster thanks to a decentralized model that takes ownership away from just one or two teams. Opal’s focus on integrations allows employees to request granular access including databases, Salesforce roles, GitHub repositories, Okta groups, and more. Opal also offers workflows for performing enterprise-wide access reviews to help meet compliance standards and reduce the access footprint.
“Every security and engineering manager we talk to wants to move to least privilege, but are unable to do so with current offerings,” said Saam Motamedi, general partner at Greylock. “Opal’s approach is a new way of thinking about large-scale access management. Its innovative approach balances usability with least privilege, empowering end users and administrators alike. We believe Opal will be an emerging leader in an important and broad category. »
Currently, Opal is the access management tool of leading technology companies in various industries, including Databricks, Blend, and Marqeta.
Mike Hamilton, VP of IT at Databricks, said, “Opal is building the identity management and authorization framework, delivering an incredible user experience for our employees while ensuring we have the ‘infrastructure for auditability and evidence’.
Launched in 2020, Opal was founded on the leadership team’s first-hand experience with access management challenges at companies like Dropbox and Collective Health.
“Our internal tool at Dropbox was powerful, but there was a lot of friction in the user experience,” said Stephen Cobbe, CEO. “It was difficult to answer simple questions like, What does this group give me access to?Where When was the last time I used this access?. If the goal is to build a culture of least privilege, it should be easy to navigate, request, and receive new access.
“We’ve found that after talking to different companies, true authorization is often delayed or oversimplified,” said Umaimah Khan, Chief Product Officer. “There are nuances in designing a system like this – bringing in data on who a person is, for example, or accommodating reorganizations and changing roles. It also requires a lot of engineering effort to both build and maintain in-house. The focus cannot be on function alone: designing something that people will actually use is one of the hardest parts of implementing security best practices.
The Opal security platform, backed by Greylock, enables organizations to implement least privilege at scale. Through a combination of information and workflow, Opal decentralizes access management away from overworked teams. Without using agents or proxies, Opal can be deployed on-premises and in the cloud in minutes. Opal is based in San Francisco and New York. For more information, please visit www.opal.dev or contact them at [email protected]