Product OVERVIEW
Accelerate employee access on paved roads
Enable employees to easily get access in a simple, fast, and secure manner.
Request a demo in under a minute.
64% of organizations
have productivity impacted on a daily because of access issues
55% of teams
maintain backdoor access to systems due to access delays
52% of engineering teams
have missed deadlines because they were waiting for access
With Opal, we were able to shift our engineering team's time towards Blend's products and focus less on business processes for granting and calibrating access. With Opal's developer extensibility and intuitive user experience, we are able to scale our identity security strategy and ensure our users have the guardrails to be secure by default on our most sensitive systems.
Paul Gutherie
Information Security Officer
Use Case
Accelerate access requests
Challenge
Managing access requests can be time-consuming, manual, and confusing. Companies often rely on Jira, Slack, and spreadsheets to track and manage access.
Slack automation
Employees don’t have to learn new workflows. They can make requests and manage approvals through Slack.
Decentralized management
Instead of relying on bottlenecked teams, Opal delegates responsibilities to resource owners and managers with the most context.
Dynamic IAM role creation
Engineers can natively request and create new IAM roles. DevOps can approve via one click in Slack without needing to log into the AWS console.
Use Case
Automated on-call access
Challenge
Managing engineering permissions for on-call rotations is hard. Companies need to make difficult trade-offs between security and agility. Indexing on agility leads to over-provisioned access and increases security risks. However, indexing on security increases operational burden.
Reduce over-provisioned engineering access
Instead of granting engineers with full admin access as a result of being part of multiple Okta groups, Opal grants bundles of permissions leveraging native integrations to cloud infrastructure.
Automate provisioning and deprovisioning
Rather than granting engineers access to production all of the time, Opal’s on-call integration will grant access when they are on-call and revoke it when they are off-call.
Use Case
Faster Employee Onboarding
Challenge
Onboarding new employees is a difficult balance between unblocking new hires and creating security vulnerabilities through over-provisioned access.
.png)
Request access on behalf of new employees
Managers can submit access requests on behalf of their reports when they join the company. All access requests are tracked and audited!
Self-service automation
Managers and admins can curate collections of resources and groups that are useful for employees. New employees can browse collections of bundles when they onboard to the company.
FAQs
How does Opal accelerate access requests?
Opal accelerates access requests through delegation and automation.
- Delegation: Access requests are often bottlenecked by centralized teams such as IT or DevOps. Centralized teams often lack context on who the requester is and what they are requesting for. This often leads to long and tedious conversations. With Opal, access requests are routed directly to resource owners and managers. All resources can have pre-defined approvers who can easily take action in Slack.
- Automation: Most companies track, manage, and grant access manually. This often leads to long wait times, slowing down both managers and employees. With Opal, access can be discovered, notified, and granted all via Slack!
Can I customize templates for access requests?
Yes! Admins can set up approval and access policies for all resources. For example, access requests can be configured to have multi-stage approvals, two-factor authentication, maximum durations, and more. Additionally, admins can also require requesters to answer specific questions before they make the access request
How does Opal track and audit access requests?
Opal enables employees to make access requests via Opal or Slack, and Opal tracks all access requests in the audit log – including threaded comments in Slack!
How is on-call access monitored and audited?
All access changes are tracked with Opal’s audit log. Additionally, slack alerts can be set up so that all on-call access grants and revocations can notify a Slack channel.
