As a high-profile LGBTQ advocacy organization, GLAAD regularly faces targeted threats. Protecting the digital identities and data privacy of its staff, donors, interns, and large number of contractors and volunteers is mission critical, as a breach could not only disrupt operations, but put its people at personal risk.
â
Leo C., a member of GLAADâs IT team, takes this responsibility very seriously.Â
â
âEvery day is a threat to our organization. Every day we get hundreds of hate emails,â Leo explains. âMy role is to make sure that my staff is protected so they can go save the world.â
â
Given the high stakes, Leo poured hours into tedious manual investigations in an effort to monitor and protect GLAADâs SaaS identities and data. Still, he worried about what he was missing. âI'm only one human. I can't keep track of everything. It's virtually impossible for me to know about all the accounts people have connected with GLAAD data in them.â
When Leo found Nudge Security, he was blown away by the immediate visibility it provided into SaaS he hadnât known about, including accounts created with GLAAD emails, SaaS supply chain connections, and employee AI usage. Out of all the tools Leo has evaluated, nothing else has come close. âIâve looked at so many different applications,â he explains. âHaving Nudge has significantly brought peace of mind because I don't have to go looking for a needle in a haystack anymore. This has been my dream that I've been looking for for a long time, for years.â
â
Nudge Security alerts Leo to new SaaS adoption automatically, saving him hours of manual effort. âI'll get an email or a Slack from Nudge saying a new app has been detected and it's almost instant. I tested it. I actually did an OAuth login to a new service to test the speed at which Nudge can detect that. It was within five minutes. Thatâs excellent.â
â
With answers at his fingertips, Leo can secure GLAAD identities and data more efficiently and effectively. âHaving a tool like Nudge Security alleviates a lot of manual work and allows me to focus on other more important things.â
At GLAAD, SaaS identity security is critical to staff safety and data privacy. But Leo faces specific challenges when it comes to governing SaaS identities. Â
â
âAs a nonprofit, we have triple the amount of consultants to full-time staff,â Leo explains. âNudge is such an important tool for us because even though our consultants are working outside of GLAAD, they're connected to our data; they use a GLAAD email address; they have OAuth connected things. I need to make sure that I'm fully aware of whatever accounts they're creating using their GLAAD account, which is why I love Nudge.â
â
Nudge Security supports Leoâs high-priority identity and access initiatives, such as enforcing MFA adoption and migrating password-authenticated apps to OAuth or SSO. âOne of my key cybersecurity goals for this year and next fiscal year is to get people to use MFA more consistently and start transitioning them to OAuth and passkey,â Leo says. âUsing Nudge is a key component that will help me get staff on board with a passwordless world. Nudge helps me plug holes that I wouldn't have known were there.â
â
Before finding Nudge Security, SaaS security kept Leo up at night. He would scour Google Admin Console logs every morning and evening to find new OAuth grants, research their reputations, and search for evidence of recent breaches or supply chain attacks. Now Leo can rely on Nudge Security to surface security insights, from breach alerts to OAuth risks.Â
â
âI was spending at least four to five hours a day just to make sure I knew what was connected. But I was still missing things,â Leo says. âNow I spend zero time on that. I just rely on Nudge now. I don't have to worry about new apps. I don't feel like I have to check manually anymore because I can rely on Nudge to give me that instant Slack message or email.â
âBefore it was just such a hassle to disconnect everything manually. With Nudge, itâs automatic."
With Nudge Security, Leo has been able to reduce employee offboarding time by almost 90 percent, while increasing his confidence that heâs cleaned up all lingering access.Â
â
âBefore it was just such a hassle to disconnect everything manually. With Nudge, itâs automatic. Thereâs a built-in offboarding process where you just press one button and everything is disconnected, which saves me so much time. It takes five minutes, compared to 45 minutes. And without Nudge, I never would have known about the third-party websites where an employee signed up with their GLAAD email rather than OAuth.â
â
As GLAAD employees experiment with AI productivity tools, it falls to Leo to mitigate the potential risks of unwise use. âWe deal with a lot of sensitive information, a tremendous amount of it,â Leo explains. âWe have people who come to us for help, and we have donors who don't want their identity revealed. There's such a high risk of reputation damage for us. I don't want to risk any data exposure or data leakage. That's why it's super super important to know if our staff is using AI tools, because it's really concerning if they upload anything sensitive.â
â
Nudge Security helps Leo see the AI tools employees are using, assess the security of AI vendors, and automate AI governance. âWhen I see an AI tool that I don't want them to be using, I use Nudge to tell them, âhey, we have an alternative, please use it.â If they're not using it, I just revoke it, and if it's unsafe, I just block it out. Without Nudge, I probably wouldnât even know about it. There's like 10 new AI services that pop up every single day, so it's almost impossible to keep up.â
âHaving a tool like Nudge Security alleviates a lot of manual work and allows me to focus on other more important things.â