Customer Case Study

How Figment is using Teleport to deploy timeboxed identity-native zero trust access

Figment is a blockchain infrastructure staking provider, operating on over 60 blockchains, providing infrastructure for customers to stake their tokens and earn rewards. They provide feature-rich, intuitive APIs and applications, making it the most seamless crypto staking experience on the market.

Why Figment chose Teleport

Like any other blockchain-based web3 company, Figment faces many unique challenges when it comes to securing their infrastructure access. Because of how much monetary value rests on the blockchain protocols they interact with daily, Figment is an attractive target for malicious actors. Given the inherently decentralized nature of the blockchain enterprise and the physical decentralization of their remote employees, secure, auditable access controls are critical. To tackle these unique challenges, Annalea Ilg, Figment’s Chief Information Security Officer, has turned to Teleport.

It gives me a lot more confidence in this environment that we know what is going on and that it's just not like traditional access security

Annalea Ilg

CISO @ Figment

Timeboxed identity-native zero trust access

One of the largest benefits that Teleport provides to Figment is the elimination of manual security overhead. Rather than having security engineers manually monitor activities on sensitive infrastructure resources, Figment has instead taken advantage of Teleport's auditing and session-recording features and achieved a zero-trust security model. As Ilg says, “It's added a lot of efficiencies not only to our auditing and internal auditing, but it allows us to have more of a zero-trust type security.”

“One of the amazing things I like about it is this just-in-time access, because engineers don't really need to have particular admin privileges.” Instead of using long-lived shared static credentials, Figment uses Teleport to give engineers the minimum permissions needed to get the job done at exactly the time they need it. As Ilg says, “It's more around the identity of the engineer and not necessarily credential-based, which is really great.”

When strengthening security posture, it's important not to bloat existing workflows or add overhead. Teleport simplifies existing workflows by integrating into applications like Slack, Jira and PagerDuty, allowing developers to keep using the tools they're most comfortable with. “Teleport integrates with a lot of our tools, like for approvals and checks and everything. So it's not like we have to dig into five different tools to see if there was a change, or who has access, or who's pre-approved,” as Ilg says. “This makes my life way easier.”

Blowing away auditors

Like many other security-minded companies, Figment has to pass periodic compliance audits to maintain various accreditations like SOC 2 and ISO.

We just had our SOC 2 and ISO audits, and the auditor was like, “Wow!” And they were impressed. It actually reduced some of our audit scoping time down quite a bit, so I was super happy with that.

Annalea Ilg

CISO @ Figment

As Ilg says, “Teleport is really that security by design.” Along with being able to securely request access on the fly, another feature that the auditors were impressed with was the real-time session recording. “The session recording in real time is really big,” Ilg said.

With features like just-in-time access requests, RBAC mapped to identity and real-time session recording, Teleport helps reduce security overhead so your engineering and security teams can focus on what matters most.

Geo: Toronto, Canada (remote-first)

Vertical: Crypto/Blockchain

Employees: 179

Clouds: Multi-cloud

Challenges

  • Managing secure access for a fully remote workforce
  • Bloated, manual security overhead
  • Auditing across different environments at scale

Results

  • Implemented Teleport to manage infrastructure access
  • Allowed for just-in-time access, simplifying existing workflows
  • Achieved a centralized detail-rich audit trail