Opal: Employee App Access & Management

The Problem of Excessive Employee Access

Do you recall the incident in 2017 when a contractor at Twitter briefly deactivated Donald Trump's account – for a duration of eleven minutes? Stephen Cobbe, a co-founder of Opal, highlights this as a prime illustration of the risks associated with granting overly permissive access to a company’s core systems.

Based in both San Francisco and New York, Cobbe’s company is focused on assisting businesses in the creation of intelligent user access policies. They also specialize in the automation of reviews concerning existing access points within organizations.

Finding the Right Balance

Cobbe explains that organizations frequently fall into one of two extremes regarding access control. They either provide access that is excessively broad, or they impose restrictions that are unduly stringent.

Cobbe’s team is comprised of individuals with backgrounds from companies such as Dropbox, Scale, Brex, MuleSoft, and Palo Alto Networks. His personal experience at Dropbox revealed the difficulties inherent in managing access at a large scale.

Organizations typically establish access policies defining the permissions associated with different roles. However, real-world scenarios often deviate from these neatly defined structures, as Cobbe points out.

Addressing Existing Solution Shortcomings

“The ability of an employee to act independently, as seen with the Twitter case, stems from having too much access,” Cobbe stated in an interview with TechCrunch. “Companies we consulted expressed dissatisfaction with current solutions when attempting to resolve this issue.”

Research involving interviews with 100 companies revealed a common pattern: each organization had independently developed its own internal tool to address this challenge, requiring continuous updates.

These tools often rely on SAML (Security Assertion Markup Language), which proves inadequate for managing the diverse range of systems utilized by modern companies.

Opal’s API-Driven Approach

Opal offers a different approach, transforming a traditionally rigid access model into one based on individual needs through the use of API integrations.

Businesses can access a centralized view of their engineering infrastructure, SaaS applications, and internal tools. Access requests are directed to the appropriate owner for approval.

Conversely, when an employee departs, access can be swiftly revoked with a single click by the designated owner.

Seed Funding and Future Plans

To facilitate further development of its platform, Opal successfully secured $1.8 million in seed funding, led by Greylock. Participating angel investors included Tim Junio (CEO of Expanse), Evan Reiser (CEO of Abnormal Security), and Andrew Peterson (CEO of Signal Sciences).

“The complexities of managing permissions at scale are well-understood by all enterprises,” noted Saam Motamedi, a partner at Greylock, in a formal statement. “The proliferation of systems introduces more potential vulnerabilities, necessitates increased auditing, and adds overhead to ensure engineers have the necessary access. Opal is addressing these challenges with a highly skilled team of security professionals, and we are excited to support their progress.”

Founded in 2020, Opal recently emerged from stealth mode. The company already serves customers such as Blend and Coffee Meets Bagel.

Cobbe indicated that the new investment will be used to expand both the engineering and business teams, but declined to share specific growth metrics. He also mentioned that the company anticipates raising another round of funding in the future.