Reclaim strengthens their security posture without slowing their team down
Reclaim engineers wait less than
Approvers can review and revoke
Reclaim has scheduled
Reclaim is a calendaring solution that protects users' most valuable resource: their time. Since their founding in 2019, Reclaim has automatically reserved 60 million timeblocks on users’ calendars for things like lunch, catching up on email, and focused work.
Reclaim infrastructure is hosted on Amazon Web Services. They have Tailscale relays deployed in each of their virtual private clouds for their dev, staging, and production environments.
Production Database Access Via Manual Tailscale ACL Editing
Formerly, engineers needing production database access would either ping Stevan Arychuk, Head of Site Operations & SRE, or Patrick Lightbody, the CTO, on Slack. If that access was approved, the engineer would be manually added to the Tailscale ACL and would need to be manually removed later. This workflow wasn’t scalable, and Reclaim was growing quickly. They also wanted to be in SOC 2 compliance, and their current system made gathering audit evidence challenging. Reclaim needed a solution that facilitated easy access reviews and kept immutable access logs.
On-demand production access with Indent and Tailscale
When Patrick showed Indent to Stevan, he was excited about the potential it had to both solve an immediate problem for them, but also help them become the kind of company they wanted to be.
I like to think of the beauty of this solution is it's a lot more than checking the box from a compliance perspective. It really helps us be authentic in our security posture, which is that we only provide access to customer data when actually needed. I think it would be a disservice…to say that we implemented this process so that we were able to get through a SOC compliance item. That's great, but that's like 10% of the value. In my opinion, the real inherent value is that access to customer data is on-demand as needed and has a full audit trail with reason for approval [and] who approved it.
After Indent was set up, Stevan demoed it for his team in his biweekly meeting. He sensed his team was less than enthusiastic about having a new process initially, but once they saw how Indent worked, that attitude changed.
...When they saw it they were like, ‘Oh, literally it's a slash command. And then 30 seconds later I'm granted what I asked for. That’s awesome’…It's a non-issue to people. It's something that doesn't add friction. It gets them what they need.
Not only has his team benefited from fast approvals, Stevan has been able to enjoy the flexibility Indent provides for approvers.
Before I needed to make sure I had a laptop, log in to Tailscale, [and] update the ACL through the UI...Where now [the] workflow is just a couple approval clicks on my phone.
Head of Site Operations & SRE
Access for on-call and non-engineering SaaS
Moving forward, Reclaim would like to use Indent with PagerDuty for their on-call rotations. They are also looking at ways to use Indent to regulate access to their non-engineering resources, like their marcom and billing ops systems.
Explore the potential value of using Indent to manage access...
Works withand more
Works withand more