Data Share Analysis and Cleanup
Highspot’s employees are empowered to share data as necessary to collaborate with external partners, customers, and other third parties. This flexibility has enabled Highspot to grow at a phenomenal rate, reaching a $3.5 billion valuation in just 10 years. However, growing this quickly can come with negative consequences, and Highspot’s security team suspected they might have some challenges with employees setting overly broad permissions for external data shares.
Two common issues with external data sharing: sensitive company data gets shared outside of the organization, and data that should be shared externally with partners and contractors never gets unshared once it is no longer needed. The biggest challenge, however, is the breadth and scale of data sprawl and external sharing across SaaS platforms. Data sharing is often associated with SaaS file storage products like OneDrive, Box, Dropbox, and Google Drive. However, nearly every modern SaaS application has a method for sharing data externally – GitHub, ServiceNow, Salesforce, and even Zoom (where saved recordings can be publicly shared) could leak sensitive corporate data.
Highspot’s SaaS Environment
Highspot has multiple use cases. As a cloud-born hyper-growth startup, they are reliant on modern productivity and collaboration tools and automation – most of which reside within SaaS platforms. Their primary productivity suite is Google Workspace, with a fairly sizable Microsoft 365 footprint as well. Additional SaaS applications used for CRM, source code management, project management, HR management, and others form a complex SaaS mesh of interconnected SaaS applications.