Leading Biotech Firm Discovers Data Security & Identity Weak Spots with Symmetry

ABOUT
A publicly traded biotechnology company with a platform-based approach to therapeutic and preventive medicine tailored to immuno-oncology, infectious, rare and autoimmune diseases.
Industry: Bio-Technology
Size: 1,000-5,000 Employees
ABOUT CUSTOMER
191 AWS Accounts in Organization
- 122 known internal accounts,
- 12 known external third-party accounts
- 57 unknown accounts
3,608 Amazon S3 buckets

Kickoff
Week 1
Week 2
Critical Findings

AI Risks from Untrustworthy Data
Amazon SageMaker discovered training on HIPAA transcripts, explicit content, and untrusted scraped data, violating multiple compliance frameworks

Sensitive Data Everywhere
Sensitive data (PII, medical illness (HIPAA) data, business-critical data) found in 98 buckets across 24 AWS accounts, including 57 previously unknown accounts.

Supply Chain Risk
1419 vendor identities with access to the environment, accounting for over 10% of all unused permissions. 3 vendor identities were identified with access to data stores containing proprietary trade secrets.

“I want access to Symmetry DataGuard like yesterday."
Principal Cybersecurity Engineer
About Symmetry Systems
Symmetry Systems is the Data+AI Security Company. We safeguard data at scale, detect threats, ensure compliance & reduce AI risks, so you can Innovate with Confidence. Our Data Security PostureData security posture refers to the current status of the ca... More Management platform is engineered specifically to address modern data security and privacy challenges at scale from the data out, providing organizations the ability to innovate with confidence. With total visibility into what data you have, where it lives, who can access it, and how it’s being used, Symmetry safeguards your organization’s data from misuse, insider threats, and cybercriminals, as well as unintended exposure of sensitive IP and personal information through use of generative AI technologies.