Avery Dennison needed visibility into its security posture as it adopted a multi-cloud infrastructure.
Avery Dennison needed to let developers build new digital tools and services without security slowing them down.
As Avery Dennison is evolving into a digital-first business, securing its new product offerings was critical.
Wiz provides Avery Dennison with a singular view of its multi-cloud environment, including identifying misconfigurations, providing context on vulnerabilities and insights into the most critical risks.
Wiz automatically routes issues to Avery Dennison’s development teams in tools that are already part of their workflow, empowering developers and saving considerable time.
Wiz allows Avery Dennison to maintain customer trust by providing an end-to-end platform for cloud security.
Building a future-proofed digital strategy
When you’re an established business looking to embrace the opportunities new technologies present, keeping data and systems secure is key to success. A prime example is Avery Dennison, a global designer and manufacturer of labeling and functional materials. With a story that goes as far back as 1935, the company sought to future-proof its organization by migrating to the cloud.
Avery Dennison’s digital journey is well underway, with digital products already being delivered to customers, including atma.io, a platform that assigns unique digital IDs to everyday items, enabling tracking, storage and management of all events associated with each item.
Jeremy Smith, whose role as VP, Information Security Officer at Avery Dennison spans everything from factory protection to digital security, explains that Avery Dennison’s shift to digital presented new security challenges. That’s because the move from on-premises to cloud entailed adopting and securing multiple clouds and Kubernetes.
"We were trying to solve a problem that didn’t have a simple answer. We had to figure out the appropriate security stack for our distributed landscape and we spent a lot of time looking at native security solutions within our cloud environments,” says Smith. “What we quickly found was that it was difficult to piece together solutions from different cloud providers to come up with a good cloud security posture – even understanding misconfiguration was hard within these tools.”
Gaining visibility into a multi-cloud estate
An evaluation against a range of solutions concluded that Wiz could provide Avery Dennison a prioritized view of risks in its multi-cloud environment, complete with context on the risk and remediation.
There are a lot of products out there that will give you a lot of alerts, and then you have to go through and determine which ones are higher risk. Having the context in Wiz to be able to assign a risk score right away is really helpful.Jeremy SmithVP, Information Security Officer, Avery Dennison
Additionally, during the initial proof of concept, Avery Dennison quickly saw Wiz’s impact. “Working with previous security solutions that required developers to install agents very quickly saw security projects stall,” says Smith. “Security cannot be a blocker – solutions need to be easily accessible and useful for developers.”
Avery Dennison initially deployed Wiz to new cloud products being built in Microsoft Azure, and since then has secured its multi-cloud estate across Amazon Web Services, Google Cloud, and Oracle Cloud Infrastructure. Wiz’s agentless solution enabled Avery Dennison to set up easily with only minor configuration. “We use most major cloud providers and saw immediate value as we deployed Wiz. We found misconfigurations and other issues, and Wiz gave us visibility into the overall security posture in our cloud that we couldn’t easily stitch together with other solutions.”
A streamlined, developer-centric, easy to understand process
With different development teams working in different clouds, routing the right issues to the right people can be a challenge. With Wiz, it was easy. Today, Avery Dennison automatically sends prioritized tickets for security vulnerabilities to the right developers within the tools they are already using, making security a natural part of their workflow, and saving considerable time.
“One of our biggest worries was whether our developers would understand what issue to remediate as they received alerts,” says Smith. “It hasn’t been a problem, because the alerts are written in an easily understandable way and with a risk level assigned - meaning developers don’t need to spend time determining which alerts to tackle first.”
Our developers now see security vulnerabilities as issues that they own and that they need to address. It’s no longer just an IT security problem.Jeremy SmithVP, Information Security Officer, Avery Dennison
Thanks to the automated assessments Wiz delivers, Smith’s security team is able to save time and focus on addressing other areas of risk. “For example, we were able to implement a new process where our developers are mandated to get rid of unused cloud resources – which also saves us money – and to remediate those items left offline, so they don’t pose a risk as soon as someone clicks the ‘power on’ button.”
Making progress towards zero trust security
Entitlement management is a particularly important use case to moving forward with zero trust security, given how easily role-based access rights to cloud environments can be overprovisioned. On top of that, entitlements across cloud providers can often vary and be difficult to standardize.
“We’ll continue to mature Wiz in that area of focus, because managing role entitlements — understanding what and why a service is being used and why someone was granted certain rights when they’re being provisioned — is critical to our overall zero trust initiative,” explains Smith. This initiative is part of a strategic program to expand Avery Dennison’s security focus from protecting internal IT infrastructure to building trust with customers and securing the new digital products the business delivers.
A secure, digital-first company
Avery Dennison’s information security teams are now more closely aligned with business leaders and Smith regards Wiz as a game-changer in ensuring the business can continue its digital journey.
Our cloud journey is revolutionizing the company, so it’s critical we’re able to secure it. Wiz is our end-to-end platform for cloud security, and an important part of that journey. It’s been a game changer for us and the go-to security tool we use for our cloud infrastructure.Jeremy SmithVP, Information Security Officer, Avery Dennison