8gears uses Pomerium to secure cloud-native apps and ditch their VPN

When migrating to Kubernetes and a cloud-native environment, 8gears was looking to break free from a corporate VPN. They needed consistent user flow for all their internal applications, and to decouple authorization and authentication so authorization logic and application are always separate. Pomerium (working seamlessly with their IdP, Auth0) allowed 8gears to enforce centralized access management and least-privilege policy, integrate with security layers such as multi-factor authentication (MFA), and avoid the security and connectivity issues VPNs encounter. This freed 8gears leadership from excessive ongoing maintenance, so they can focus on product development and customer service.

Ditch the VPN

Pomerium empowered 8gears with a more secure, reliable remote access option.

Consistent user flow for all internal applications

No more need to individually manage authentication, authorization, and access controls across multiple endpoints.

Little ongoing maintenance

Pomerium’s easy integration with 8gears’ internal apps means little to no ongoing maintenance.

Vadim Bauer
Co-founder
“It’s the capabilities, the authentication and authorization concepts that are built-in, and the auth providers to choose from – this is something that’s unique among the reverse-auth proxies that are there..”

Vadim Bauer has worked in IT for over two decades. He started his first company at 14, and now runs his most recent venture 8gears.

Company Background

8gears enables SaaS companies to develop and deliver cloud applications. Their recently released product, SaaS Factory, provides companies with the building blocks necessary to accelerate their SaaS and cloud transformations. 8gears also consults SME’s and large enterprises, applying their expertise to help developer teams build and scale secure applications in cloud-native environments.

8gears’ Challenges

8gears was drawn to Pomerium about a year ago when they started migrating to Kubernetes and a cloud-native environment. After beginning to integrate cloud-native apps such as Grafana and Elastic Search, it became apparent that reinventing the authentication and authorization wheel for every app would be extremely inefficient. 8gears wanted a consistent user flow for all their internal applications instead of having to individually manage authentication, authorization, and access controls across multiple endpoints. 8gears also wanted to decouple authorization and authentication, ensuring that the authorization logic is always separate from the application itself. Finally, 8gears desired a more secure and reliable option than a traditional VPN for remote access.

Choosing The Right Tool

8gears – and Vadim specifically – has had experience with many authentication and authorization solutions before settling on Pomerium. Vadim has used Gatekeeper as a reverse proxy, CloudFront from Amazon to enforce authorization at the edge, and Ory for its user management and identity-aware proxy capabilities. So why Pomerium? Vadim says of Pomerium’s differentiators:

It’s the capabilities, the authentication and authorization concepts that are built-in, and the auth providers to choose from – this is something that’s unique among the reverse-auth proxies that are there.

Vadim Bauer, Co-founder of 8gears

Implementing Pomerium

Pomerium is now an integral part of 8gears’ security portfolio. Working in tandem with their identity provider (IdP) of choice, Auth0, Pomerium enables 8gears to enforce centralized access management and least-privilege policy, integrate with additional security layers such as multi-factor authentication (MFA), and avoid security and connectivity issues they were experiencing with their VPN.

Now that Pomerium has been integrated with 8gears’ internal apps, there has been little ongoing maintenance required. With Pomerium delegating access controls in the background, Vadim can focus on leading his team at 8gears, developing his own product, and serving his clients. Vadim now suggests using Pomerium as the de-facto authentication and authorization solution for any new application he develops, both internally and for the companies he works with.

Looking Ahead

Looking ahead, Vadim has started ideating about how to design future business applications leveraging Pomerium. Some early ideas include using Pomerium to provide more advanced authorization concepts by having Pomerium act as a policy enforcement point for apps that generate their own dynamic access policy based on Open Policy Agent (OPA). Vadim is also looking forward to trying out the new features in Pomerium’s up-coming enterprise version, which will include streamlined configuration, centralized management dashboards, and support for Kubectl – a feature Vadim is particularly interested in. A huge thank you to 8gears and Vadim for their support of Pomerium. If you would like to check out 8gears’ new product, SaaS Factory, click here.

Revolutionize Your Security: Achieve Compliance Hassle-Free!

Embrace Seamless Resource Access, Robust Zero Trust Integration, and Streamlined Compliance with Our App.

Download Now
Download Now