Industry: Consumer Services; Product
Location: Barcelona, Spain
Operating in 25 countries at a current valuation of nearly +$1 billion, Glovo is one of Europe’s fastest growing startups. Based in Spain, Glovo delivers restaurant takeout orders, groceries, pharmacy, and other products to 4.3 million urban users. The company aims to place in a leaderboard of the “quick-commerce” market in Europe with its convenient ordering app and ultra-rapid delivery times of less than an hour. In the past year, Glovo more than doubled its employee count to more than 3,000.
When Alexander Antukh joined Glovo in August 2020 as its director of security, some employees used personal password managers while most used nothing at all. Weak passwords were frequent and people shared them among teams, often through the company’s messaging platforms.
“Passwords were almost useless,” said Antukh. “Yes, there is a password but if everybody knows it, or you can easily find that in the password lists through brute force, then it's not very good protection.”
The security team began requiring more complex passwords, but a new challenge emerged. Because the complex passwords were harder to remember, people wrote them down or stored them on their computers, which undermined the point of creating a strong password.
Antukh was already a Bitwarden user prior to joining Glovo. He was especially drawn to the transparency and third-party security audits inherent in an open source solution.
“Bitwarden explicitly says, ‘You don't even have to trust us. That's how we work, you can host it yourself.’ It's definitely appealing,” said Antukh. “So I decided to give it a try and never went back.”
At Glovo, Antukh made a pitch for Bitwarden. He touted the solution’s end-to-end encryption and cross-platform accessibility that let users access Bitwarden from any device. He spoke of flexible integration capabilities that make it easy to add on tools such as two-factor authentication or single sign-on (SSO). And he showed how Bitwarden would simplify security audits and compliance with detailed event logs, as well as increase employee productivity.
Antukh’s argument for Bitwarden convinced company leaders. Glovo purchased a flexible subscription that can scale for the future.
Open source transparency
Cross platform and device
Robust customer support
Third-party security audits
Antukh appreciates the open source nature of Bitwarden that “brings transparency in how it helps to verify security and to quite openly say, ‘This is how we operate. This is what our values are.”
In addition to transparency, performance is key. With Glovo scaling quickly, Antukh needs an enterprise grade password manager that keeps up.
“We found that it is very easy to work with,” he said. “When we created our first collections, when we were able to audit the access log, when there were granular permissions, and I saw the work for new features such as Bitwarden Send—that was all quite useful. User experience is also quite good.”
Glovo uses Bitwarden with SSO, which allows employees to use one set of credentials to access multiple cloud applications. Bitwarden integrates with SSO to improve the user experience of accessing applications, while maintaining the zero knowledge encryption approach to password security.
Bitwarden provides audit trails that let Glovo security teams track user and group access to sensitive data. Antukh liked “the fact that we can inspect audit logs, and we could use that for compliance purposes. It's easy, and it's nice to set the permissions in the way we want to.”
When Glovo deployed Bitwarden, employees received initial instruction on the importance of using it. The company has seen adoption steadily increase as people cared more about the security of their passwords and reduced unnecessary or unsecure sharing. Now, when they share passwords, they do it through Bitwarden.
“We saw more and more that security champions, who are genuine security-minded people in our company and who are not part of the security team, also started to promote Bitwarden,” said Antukh. “Once people started to experience that ease of use and security can go together with Bitwarden, adoption was natural.”
Bitwarden is a vital solution within the Glovo security ecosystem. Antukh looks forward to further strengthening the company’s data protection. The team recently completed a security maturity audit, in which Antukh identified key areas for improvement.
“Once we build that strategy, we will pursue it in the next year,” he said. “It will be mostly related to how we improve processes, how we improve access management and user management. And for sure, Bitwarden will be an important part of it.”
To see what Bitwarden can do for your business, start a free trial today.