Kriz and SGNL’s second co-founder, Erik Gustavson, spent roughly a decade developing identity solutions at Bitium, which they co-launched in 2011, before conceiving of SGNL. After Google acquired Bitium in 2017, Gustavson joined the tech giant as an engineering manager working on “next-generation” identity access management for G Suite (now Google Workspace). Kriz also spent several years at Google on the product, identity and authorization team.

“From our vantage point working in multiple, identity-focused areas at Google, it was clear to Gustavson and I that few companies had been able to effectively solve enterprise authorization at scale,” Kriz said. “Seeing a critical need to help companies keep user and customer data safe, we founded SGNL in 2021 to address the challenge. We quickly attracted a core team of identity industry experts who are passionate about pushing the boundaries of what is possible in enterprise authorization.”

SGNL aims to provide “just-in-time” access to enterprise data to a company’s employees based on business context, such as business needs or justifications. Rather than relying on relatively static roles or attributes, the startup’s platform only grants access to software resources and data when a user needs them.

A glance at SGNL.ai’s dashboard, which lets admins review authorizations across teams, divisions and individual employees. Image Credits: SGNL

Beyond this, SGNL attempts to unify existing systems-of-record such as corporate directories, HR directories, customer relationship management platforms and ticketing systems, building a graph of workforce and customer data that can be used to determine dynamic access rights. Access can be audited in real time, ostensibly making it easier for managers to produce compliance reports and analyze historical authorizations.

“The pandemic and broader shift in working patterns — hybrid, remote work, extended workforces, etc. — makes the problem of authorization and access management more urgent for the enterprise. The modern workforce is no longer operating from inside a corporate firewall using only on-premise applications,” Kriz added. “This creates ideal conditions for bad actors to exploit overly broad ambient access rights to attack the enterprise … SGNL’s platform helps contain the blast radius by reducing ambient access and determining access to sensitive data on a just-in-time basis.”

“The number and cost of data breaches is only increasing … SGNL is positioned well with the shift in most enterprise organizations to increase security, ensure compliance and reduce expenses,” Kriz said.

Palo Alto-based SGNL, which currently has 28 employees, expects to hire seven more people by the end of the year.

SGNL.ai secures $12M to expand its enterprise authorization platform by Kyle Wiggers originally published on TechCrunch

source