Demo Request
Take a personalized product tour with a member of our team to see how we can help make your existing security teams and tools more effective within minutes.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Home
Blog
Exela Pharma Sciences Leverages Reco to Reduce its Attack Surface Area and Manage Risk

Exela Pharma Sciences Leverages Reco to Reduce its Attack Surface Area and Manage Risk

Reco Security Experts
Updated
December 4, 2024
December 6, 2024
2 minutes

Exela Pharma Sciences, an award-winning US-based integrated specialty pharmaceutical company, leveraging Reco to protect its confidential pharmaceutical data, such as patented medication recipes and dosage information. Exela utilizes core SaaS applications such as Veeva CRM and Veeva Vault, Microsoft 365 (M365), and SAP on a daily basis to support its business operations.

During a time of rapid growth, the Exela security team was struggling to keep up with all the identities and applications that were being added to the corporate infrastructure. Initially relying on ingesting logs from Microsoft into its SIEM solution to gain visibility into its M365 environment proved to be an exhaustive effort, and was quickly abandoned.

To keep the company safe from damaging breaches, Exela needed a solution that would provide insight into what was being deployed, who was accessing what, and what permissions existed. Exela signed up with Reco to help.

Utilizing the Reco platform, Exela was able to:

  • Reduce risk. They identified and managed risk around 218 shadow applications. They also remediated misconfigurations, for example they removed stale accounts that were several years old, added MFA to accounts that did not have it, and changed passwords for users who shared their corporate credentials in SaaS apps.
  • Decrease configuration drift. They worked with Customer Success to build automations that enforce security policies and reduce drifts from baseline.
  • Increase visibility and observability. The team now has visibility into the complex web of identities, apps, and permissions across its SaaS ecosystem. By sending high and critical alerts through the SIEM to the Security team, SaaS risks can be addressed immediately, reducing corporate exposure.
  • Create a security-conscious culture. Using intelligence provided by Reco, Exela has been able to implement targeted security awareness training that addresses specific mistakes pertaining to each department.

“Now that we use Reco we’ve reduced our attack surface area and we have the tools we need to deprovision SaaS and also change passwords for users who share their corporate credentials in SaaS applications.We have reduced both the stress and the risk that comes with our business growth because we have a handle on what’s happening across our SaaS deployments and our technology users,” says Ansari. 

Read the full customer story of Reco and Exela Pharma Sciences to learn more.

ABOUT THE AUTHOR

Reco Security Experts

Technical Review by:
Gal Nakash
Technical Review by:
Reco Security Experts

Request a Demo
Table of Contents
Overview
Get the Latest SaaS Security Insights
Subscribe to receive updates on the latest cyber security attacks and trends in SaaS Security.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Explore Related Posts

SaaS Security
4 minutes

CISA Demands Federal Agencies Secure SaaS Apps. Here’s How to Get it Right.

Kate Turchin
December 23, 2024
CISA recently released requirements for federal agencies to secure SaaS applications like Microsoft 365. Learn five steps to get SaaS security right.
SaaS Security
3 minutes

How Reco Discovers Shadow SaaS and Shadow AI

Kate Turchin
December 16, 2024
Reco's shadow SaaS and shadow AI discovery solution can identify all applications and copilots being used by employees, rank their level of risk, and provide insight into who is using what and how.
SaaS Security
5 minutes

Shadow AI Security in SaaS: Challenges, Risks, and How to Protect Data

Kate Turchin
December 16, 2024
The recent surge in generative AI adoption has given rise to a new security concern: shadow AI. A subset of shadow IT, shadow AI refers to the unapproved or unsanctioned use of AI tools and copilots within an organization. This blog discusses shadow AI security challenges, risks, and how to prevent data exposure by reducing shadow AI.
See more articles from our blog