You need to enable JavaScript in order to use the AI chatbot tool powered by ChatBot
Home
 >  
Case Studies
 >  

How Treasure Data Replaced Manual Access Tracking with Continuous Identity Governance

"We wanted an efficient way to manage user access and ensure the right permissions for our team while keeping track of who accessed what and when. Moving to CloudEagle.ai made all the difference; it improved our security, streamlined access governance, and made SaaS management so much easier."

- Mathew Abraham, Senior IT Manager, Treasure Data

80%
reduction in over-provisioned access
1,200+ hrs
saved annually on access reviews and audit evidence
90% faster
user provisioning and deprovisioning across SaaS apps

80%

reduction in over-provisioned access

1,200+ hrs

saved annually on access reviews and audit evidence

90% faster

user provisioning and deprovisioning across SaaS apps
Problems
Challenge
  • Managing user access across a growing SaaS stack was fragmented, creating security and compliance risks.
  • Over-provisioned access and delayed deprovisioning left unnecessary standing access across critical applications.
  • Manual access reviews made SOC 2 preparation slow, requiring weeks of audit evidence collection.

Solutions
Solution
  • CloudEagle.ai centralized access management across every SaaS app into one platform.
  • RBAC and Just-in-Time access enforced least privilege automatically across users and permissions.
  • Continuous access reviews generated audit-ready evidence by default for faster compliance preparation.

Profit
Result
  • Least privilege became the default, reducing over-provisioned access and standing access from former employees.
  • Onboarding and offboarding moved from days to minutes with automated provisioning and deprovisioning workflows.
  • Access reviews became continuous, with audit evidence generated live instead of assembled manually.

Challenge

Treasure Data’s growing SaaS stack made manual access management difficult and fragmented. Permissions drifted over time, leaving over-provisioned access and standing access from former employees across critical systems.

New hires also faced delays in getting the right access, slowing productivity and creating unnecessary dependency on manual provisioning. IT lacked one clear view of who had access and why.

Quarterly reviews required manual effort with limited context, while SOC 2 evidence had to be assembled retroactively, turning audit preparation into a multi-week process. 

Solution
  • CloudEagle.ai gave Treasure Data one source of truth for user access across every SaaS app.
  • RBAC enforced least privilege by assigning users only the permissions required for their role.
  • Just-in-Time access granted elevated permissions only when needed and revoked them automatically.
  • JML automation connected provisioning and deprovisioning directly to HRIS events for faster lifecycle management.
  • Continuous access reviews and audit-ready reports replaced manual evidence collection for compliance.

Why CloudEagle.ai?

Treasure Data evaluated several solutions and chose CloudEagle.ai for these reasons:

  • Delivers true end-to-end access governance beyond basic SSO provisioning and manual lifecycle management.
  • Enforces least privilege by default through RBAC and Just-in-Time access controls.
  • Generates continuous access reviews and live audit evidence instead of quarterly compliance scrambles.
  • Provides deep visibility into roles, permissions, and activity for better reviewer decision-making.
  • Extends the same governance model to AI tools like ChatGPT Enterprise and Claude.

Impact

Least Privilege Enforced Across Every App

  • Reduced over-provisioned access by 80% through RBAC and Just-in-Time access controls.
  • Elevated permissions now expire automatically when their time window ends, removing the need for manual revocation or follow-up.
  • Standing access from former employees no longer lingers after exit events, because JML Automation ties deprovisioning directly to HRIS leaver flags.

Access Reviews Became a Continuous Process

  • Access reviews shifted from quarterly manual cycles to a continuous process driven by usage and activity data.
  • Reviewers now work from full context (roles, entitlements, last activity, sensitivity) rather than untriaged user lists, eliminating the rubber-stamping pattern.
  • Saved 1,200+ hours annually on access reviews and audit evidence preparation.

Faster Provisioning and Deprovisioning

  • New hires receive the right access on Day 1 through role-based auto-provisioning tied to HRIS events, with no manual ticket queue.
  • Provisioning and deprovisioning became 90% faster through automated JML workflows across SaaS apps.
  • Leaver events trigger deprovisioning across every connected SaaS app in a single workflow, closing access in minutes rather than days.

The Transformation

Before CloudEagle
Limited visibility into who had access to which SaaS apps, with data stitched together from spreadsheets and admin consoles.
Manual provisioning delayed new hires and left ex-employees with standing access.
Slow, incomplete access reviews that drifted into rubber-stamping under reviewer fatigue.
Inconsistent access policies were applied unevenly across apps.
SOC 2 evidence is assembled manually each cycle, consuming weeks of IT time.
After CloudEagle
Check box
Real-time, centralized view of user access across every SaaS app in one dashboard.
Check box
Automated JML workflows provisioning new hires on Day 1 and deprovisioning leavers the moment HRIS flags an exit.
Check box
Continuous access reviews with full context on roles, permissions, and activity.
Check box
RBAC and Just-in-Time access enforcing least privilege as the default, not as a policy to maintain.
Check box
Audit-ready reports generated by default, turning SOC 2 preparation into an export rather than a project.

Achieve similar success with CloudEagle!

Book a demoContact us

Other case studies

Rec Room Automated Employee Offboarding and Saved $1.5M Annually with CloudEagle.ai
CloudEagle.ai Helped Rec Room Transform and Optimize License Management
How a Fortune 500 Financial Services Firm Got Full Visibility Into AI Spend, Risky Apps, and Sensitive Data Exposure