SugarCRM Chooses Styra DAS and Open Policy Agent to Automate Authorization Policy for Fast-Growing Volume of Kubernetes Clusters

SugarCRM Chooses Styra DAS and Open Policy Agent to Automate Authorization Policy for Fast-Growing Volume of Kubernetes Clusters

Styra, Inc., the founders of Open Policy Agent (OPA) and leaders in cloud-native authorization, today announced SugarCRM Inc., the innovator of time-aware CX, has deployed Styra Declarative Authorization Service (DAS) to dramatically cut infrastructure costs and free up DevOps and platform team resources and time, while improving security and reducing downtime. SugarCRM has moved from a manual review of workloads and YAML configurations to automated guardrails, enabling the team to spend more time on business-critical projects, accelerate time-to-market, improve reliability and ease compliance concerns.

SugarCRM has users across more than 4,500 companies in 120+ countries leveraging its customer experience solutions that provide marketing automation, sales force automation, customer service, collaboration, mobile CRM, data enrichment and time-aware reporting. The software pipeline at SugarCRM is highly automated, and that automation is critical for fast release cycles, ensuring high-quality software, and maintaining standards for security and compliance.

Read More: Strategies to Make the Best of B2B Marketing Budget

Before Styra DAS, SugarCRM relied on manual operations, which were resource-intensive and prone to human error. SugarCRM needed infrastructure security and compliance controls that worked with modern software-defined systems and could be tracked over time. Not only were errors hard to prevent, but without a record of all the hands-on reviews to meet security regulations, it was extremely difficult to prove compliance without further manual effort walking through code with auditors.

“The manual process of reviewing Kubernetes workloads was siphoning valuable time and money. The platform team was constantly reviewing implementations and configurations and enforcing everything manually. These manual operations opened the door to misconfiguration due to human error,” said Jorge Arroyo, Senior Vice President of Engineering and Cloud Operations, SugarCRM. “Styra and Open Policy Agent eliminated at least 40 hours per week that our team spent on manual reviews, remediation, and re-training developers, and allowed us to focus that saved time on new innovation instead.”

SugarCRM was already using OPA but understood that in order to scale, they had to codify policy and automatically deploy best-practices as they added more and more policies and clusters. After weighing the cost and resources associated with building their own management software on top of OPA, SugarCRM decided to deploy Styra DAS Enterprise. Now the production team is able to build, test, distribute and monitor automated authorization policy for their Kubernetes clusters, to eliminate errors before they make it into production.

With Styra DAS, SugarCRM has simplified policy enforcement with a built-in library of best practices, allowing the platform team to spend less time researching which policies are important and how to write effective rules. Instead they can spend more time on differentiated work, improving platform availability and reliability, and speeding time to market. Adding to the operational efficiency, all policy decisions can be monitored in real time and tracked historically. That means SugarCRM can look back at every “allow and deny” decision to prove to the team and their peers in security and compliance that their policy-based controls are effective over time.

“Styra DAS not only makes things easier, but functions as a safety net. It also allows us to stop being reactive, because there are simply fewer mistakes to react to. Styra policy-as-code guardrails deployed early in the app development deployment cycle means that only the right workloads make it into production. The impact is felt on operations, security and the bottom line,” concluded Arroyo.