How Eye Security Replaced Manual Tickets With Automated Access Management And Real-Time Compliance
Eye Security outgrew a ticket-driven access model as headcount tripled and their app stack expanded past 150 tools. Manual access work, shadow IT, and offboarding risk made it hard to stay secure and audit-ready. With Cakewalk, Eye Security automated access workflows, distributed ownership to application owners, and gained real-time compliance visibility across their entire cloud environment.
“We almost have as many tools as employees. At that scale, it was just a lot of tickets and figuring out who has or needs access to what.”
Wouter van der Velde
System Administrator, Eye Security
Introduction
Eye Security is a cloud-native cybersecurity company that grew rapidly in a short period of time. Headcount increased from roughly 60 to nearly 200 employees, and the number of applications in use grew just as fast.
What worked at smaller scale quickly broke down. Access requests piled up, offboarding became harder to control, and visibility into application usage declined. With a small IT team and strict ISO 27001 requirements, Eye Security needed a better way to manage access without slowing the business down.
The Challenge
Manual ticket-based access no longer scaled
Access management relied on tickets and manual approvals. With more than 150 applications in use, IT became a bottleneck. Routine access decisions consumed time that could not keep up with growth.
Shadow IT and offboarding risk increased
As a cloud-first company, teams adopted tools quickly. Applications without SSO were easy to miss, especially during offboarding. This increased the risk of lingering access and security gaps.
Compliance required real-time evidence
Eye Security needed accurate, up-to-date proof of access controls and reviews for ISO 27001. Reconstructing access data during audits was time-consuming and risky.
The Solution
Eye Security adopted Cakewalk to automate access management and shift responsibility closer to the teams using the tools.
Automated access workflows
Cakewalk replaced hundreds of monthly access tickets with automated workflows. Routine access no longer required manual IT intervention.
Distributed access ownership
Access decisions moved from centralized IT to application owners and privileged users. IT retained oversight while teams handled day-to-day approvals.
Full visibility into application usage
Using Cakewalk's browser extension, Eye Security gained visibility into application usage beyond SSO. Shadow IT could be identified and managed instead of guessed at.
Reliable offboarding across the stack
Cakewalk ensured access removal even for applications without SSO. Offboarding no longer depended on memory or manual checklists.
Real-time compliance integration
Access data and review evidence were synced into Eye Security's GRC tooling via the Cakewalk Open API. Compliance evidence stayed current by default.
The Results
Operational efficiency
- Hundreds of access-related tickets per month eliminated
- IT no longer acts as the bottleneck for routine access decisions
Security and offboarding
- Significantly reduced shadow IT through full application visibility
- Consistent access removal during offboarding, including non-SSO apps
Compliance readiness
- Always up-to-date access inventory across the stack
- Automated syncing of access data into compliance tools
- Audit evidence available in real time, not reconstructed later
