Preventing cross-customer contamination with Cyberhaven
Cyberhaven helps ensure ServiceSource's 3,000 customer service agents do not send sensitive data to the wrong customer.
Why ServiceSource loves Cyberhaven
ServiceSource transforms the B2B digital customer journey experience by bringing the world’s greatest brands closer to their customers.
Based on the origin of the data, a specific customer’s data is allowed to be emailed only to the relevant customer domain.
Sending sensitive information to the wrong customer can violate compliance requirements like GDPR and erode confidence in the company’s service offerings.
Cyberhaven enabled the ServiceSource security team to have conversations with business stakeholders about what data flows were happening in the organization.
Reduced investigation time
ServiceSource is an outsourced go-to-market services provider that delivers B2B digital sales, customer success, and renewal solutions on behalf of enterprises worldwide. ServiceSource’s expert sales professionals, data-powered insights, and proven methodologies scale and transform customer journey experiences into profitable business outcomes.
In their own words
“Cyberhaven’s data tracing provided new capabilities for preventing accidental cross-customer data disclosure, continuously elevating our security posture.”
Global brands trust ServiceSource with their most valuable resources: their customers and their revenue. With 3,000 customer service agents around the world, ServiceSource helps their customers manage their customer journeys. Sending sensitive information to the wrong customer can violate compliance requirements like GDPR and erode confidence in the company’s service offerings.
With an increasing dependency on collaboration and cloud apps, the chances of the wrong file getting into the wrong hands increase. Furthermore, sales reps or customer-facing representatives often handle multiple accounts, so the chances increase for accidental data leaks.
The first task was to automatically discover all data and associate each piece of data with the respective ServiceSource customer it related to, based on the specific collaboration workflows they had set up with each customer. Unlike UMA/UEBA, which monitors and analyzes a single user activity, Cyberhaven collects metadata for the entire data journey and can provide alerts when data is being put at risk. This provides the full history lineage of the data, such as everyone who has accessed it and each time the file is renamed, copied, and saved, as well as the locations where copies are being maintained. Based on the origin of the data, a specific customer’s data is allowed to be emailed only to the relevant customer domain. The level of detail provided by Cyberhaven means that ServiceSource can both identify potential cross-customer data loss contamination and prevent it. Cyberhaven offered ServiceSource a much more advanced rules engine to establish and enforce precise policies that would protect the organization without adding friction to employee workflows.
As a SaaS product, Cyberhaven was easy to deploy across endpoints and clouds to provide immediate visibility, allowing ServiceSource to prevent accidental data leaks with a single Cyberhaven policy. Furthermore, by demonstrating actual user activity, Cyberhaven enabled the ServiceSource security team to have conversations with business stakeholders about what data flows were happening in the organization. Best of all, there was no need to establish rules or policies in advance of monitoring.