Overview
Operating across 19 metro areas, Divvy processes sensitive customer data across a modern cloud stack that includes GCP, Snowflake and Kubernetes.
Before P0, Divvy’s legacy PAM created overhead and slowed development.
The team needed a better way to control cloud access— one that supported just-in-time workflows, granular permissions, didn’t rely on proxies— and delivered a great developer experience.
Challenge
As a fintech company, Divvy needs airtight access controls for sensitive customer data, including Social Security numbers and financial records.
But their prior access setup created friction:
- Manual escalations: JIRA tickets, Slack messages and emails bogged down the platform team.
- Hard-to-deploy proxy: Their legacy PAM required a bastion in front of each resource, complicating cloud-native deployments like Snowflake.
- Limited entitlement control: Cloud-native IAM permissions couldn’t be governed via the proxy.
- Poor developer UX: Engineers struggled to request access and often didn’t know which roles or groups to use.
Divvy needed to reduce friction, improve governance and streamline the developer experience.
Solution
The Divvy team migrated to P0 Security in just a few days, following a single Zoom onboarding session and collaborative migration planning.
Using P0, Divvy now enables:
- Controlled standing access for Postgres and Snowflake, tailored to each developer’s needs.
- JIT access to CloudSQL, GKE, BigQuery and Snowflake— using GCP-native IAM.
- Slack-native workflows for streamlined requests and approvals integrated into developer workflows.
- On-call automation via PagerDuty to grant immediate access during incidents.
Results
- Reduced MTTR for access requests from hours to minutes
- Removed proxy infrastructure and legacy PAM dependency
- Automated approval flows and on-call access
- Surfaced visibility into excessive entitlements and keys