Merge, having access to lots of sensitive data, wanted to ensure top-shelf security for their customers. To follow good security practices, they regularly expired tokens every three months, and access to production was only given to experienced back-end developers. For on-call rotations, Merge provided privileged access and manually revoked them.
Merge realized they could redefine what was possible, exceeding good security practice to become best-in-class. Using Opal, an automated access management platform, Merge created a new standard of security in their category.