Unico IDTech Case Study
Streamlining SRE Operations and Enhancing Security with Hoop.dev
Background and Challenges
Unico is the leading digital identity solutions provider that simplifies the lives of millions of people and enhances the business of the largest companies in Brazil.
Unico has been recognized as one of the fastest growing companies in its space, presenting both opportunities and challenges. Their database ecosystem, featuring a diverse array of engines including Postgres, SQL Server, MySQL, and MongoDB, had evolved into a sprawling and complex landscape. This complexity led to several critical challenges:
Access Control: The absence of centralized database access management exposed them to security vulnerabilities, including unauthorized access and potential data leaks.
Auditing: Without comprehensive monitoring and auditing, identifying and addressing database issues became increasingly difficult, risking performance degradation and security compromises.
Compliance: Ensuring adherence to information security regulations and standards, such as LGPD and GDPR, necessitated robust control and compliance mechanisms for their databases.
User Privacy: Safeguarding user data against breaches became paramount, especially with stringent data protection laws in effect.
Innovation Speed: The inefficiencies in their database management system were hampering their ability to quickly develop and deploy new products, directly impacting their competitive edge.
Discovery and Implementation
The Site Reliability Engineering (SRE) team embarked on a transformative journey to optimize their operational efficiency and security posture. Initially staffed with 25 talented engineers, they recognized the potential to streamline operations through automation, allowing them to scale down the team while maintaining, if not improving, their service quality. The end goal was to significantly improve their database and container management capabilities, while proving the value of strategic automation in modern IT operations.
Unico’s team tried to tackle the challenge of access management and auditing by building a proprietary solution inhouse. Despite the significant time and resources invested, their home grown solution failed to meet expectations in several key areas. It was inadequate in addressing core needs and notably lacked the capability to ensure privacy by masking data during queries.
The search for a solution led them to Hoop.dev. Unlike their initial proprietary attempts, Hoop.dev stood out for its comprehensive approach to database security and efficiency.
Implementing Hoop.dev was a strategic move to alleviate the TOIL associated with managing database access requests. Within the first month, the tool not only streamlined access management but also provided valuable usage metrics, enabling them to better focus their product development efforts on user needs and features by identifying the most common queries in Hoop.
Usage and Integration
Hoop.dev quickly became an integral part of their daily operations, with over 200 software engineers utilizing it across more than 400 connections to 50 databases. Its Access Control and AI Data Masking plugins were particularly beneficial, offering easy implementation and immediate value.
Impact and Outcomes
The adoption of hoop.dev led to significant operational improvements:
Systems Coverage: 200 software engineers utilizing Hoop.dev across more than 400 connections to 50 databases
Build vs Buy: Overcame challenges of building internal system that ultimately fell short after investing significant time and resources
Increased Security: Using AI Data Masking, sensitive data is automatically obfuscated, with setup taking less than one day of one engineer’s time. Database access is seamlessly controlled and has a full audit trail.
Increased Efficiency: The process of managing database accesses, previously a 10-day ordeal, was reduced to a single day, freeing the SRE team from 40 monthly requests and enabling faster development cycles.
Increased Resources: Reallocated 25 engineers to higher impact projects and initiatives
Product Development: Hoop.dev provided valuable usage metrics, enabling them to better focus their product development efforts on user needs and features by identifying the most common queries in Hoop.
“Our satisfaction with hoop.dev is profound, particularly impressed by its ability to meet our stringent security and privacy requirements. The tool's impact on our operations has been positively received across the board, with teams praising its seamless integration and robust security features.
For organizations facing similar database management and security challenges, Hoop.dev offers a compelling solution. Its centralized access management, comprehensive auditing, and adherence to privacy standards can significantly mitigate risks while enhancing operational efficiency. We highly recommend hoop.dev to any company looking to streamline their database operations and bolster their security posture, driving forward innovation and competitive advantage.”
- Leandro Ikeda, Site Reliability Engineering Manager