Extenda Retail Chooses Styra DAS to Operationalize OPA at Global Scale
OPA and Styra DAS provide Extenda Retail with a unified approach to authorization that speeds deployment, increases productivity and proves compliance
REDWOOD CITY, Calif. — September 14th, 2021
Styra, Inc., the founders of Open Policy Agent (OPA) and leaders in cloud-native authorization, today announced that Extenda Retail, the Nordic-based software provider for leading retailers, has adopted OPA and Styra Declarative Authorization Service (DAS) as a unified approach to authorization and access control for their customer retail platform.
Extenda Retail’s mission is to help retailers grow their business while also improving customer experience. As more and more of their customers moved to the cloud, Extenda Retail developed the Hii Retail platform, which translates to “High Intensity Intelligent Retail.” Hii Retail provides key services that improve global retailers’ flexibility, agility and speed-to-market, from concept to store roll-out.
However, as they moved to the cloud, Extenda Retail’s engineering team realized that they had a problem at the authorization and policy level. They found that legacy, centralized authorization failed to scale or meet their compliance needs, and that rearchitecting authorization for cloud-native was more complex than anticipated. The team needed a flexible authorization solution with a consistent way of writing policy to control access to their microservices-based applications at customers’ sites. Since customer sites are globally distributed, and have varying levels of Internet access, Extenda also needed a solution that made authorization decisions locally and immediately. To meet all these needs, the team turned to OPA and Styra DAS.
Decouple Policy with OPA
OPA allows teams to decouple policy logic from service proxies, so Extenda Retail developers didn’t need to hardcode rules into the app services, or the proxies themselves. In other words, their developers can read, write, analyze, version, distribute and in general manage access policy without making any changes to the app architecture itself. This decoupled policy reduces the risk of introducing bugs and errors into the app, and greatly simplifies authorization policy changes.
Having a flexible consistent way of writing policy and authorization enables the Extenda Retail team to focus on innovative features for their core products, rather than writing policy directly into a specific set of services and proxies. However, the company knew that if they wanted to scale OPA at both the cloud and local level, they needed a solution to help manage all of their instances of OPA, across all the various apps within the Hii Retail platform, and help ensure all their policy decisions were in compliance with regulations.
Manage OPA and Prove Compliance with Styra DAS
Styra DAS is the unified control point for OPA, that allows the Extenda Retail team to create and collaborate about policy, make policy changes in a single place, and then push those changes to the relevant instances of OPA locally in the stores. Styra DAS eliminates the need for manual updates or custom policy distribution scripts, which leads to less risk of accidental error.
“Authorization is hard to get right,” said Shayne Clausson, VP of Engineering at Extenda Retail. “We don’t want teams to have to focus on that. We want them to be able to get to the interesting part of their services. By using Open Policy Agent and Styra DAS to decouple policy from the underlying services, our team can easily ensure we are meeting compliance regulations so they have more time to focus on innovation.”
Extenda Retail operates in a heavily regulated environment. Without the use of Styra DAS, the team would be forced to manually track policy decisions for each instance of OPA. When compliance is critical, this method is risky. Styra DAS mitigates this risk with real-time monitoring and detailed logging of OPA decisions, so the Extenda Retail team can prove compliance both internally and externally.
“We built Styra DAS for exactly these kinds of deployments,” said Tim Hinrichs, co-founder and Chief Technology Officer of Styra. “When millions, or even billions, of OPA decisions are required, and thousands of OPA instances are deployed, Styra DAS is the only way to manage all those OPA instances and prove compliance based on those decisions. Styra DAS is the only way to operationalize OPA at scale.”
Read the full Extenda Retail and Styra case study here.
Learn more about securing your cloud-native solutions with Styra.
About Styra
Styra, the founders of Open Policy Agent (OPA), provides open source and commercial solutions that enable enterprises to define, enforce and monitor authorization policy across their cloud-native applications, as well as the infrastructure they run on. Styra policy-as-code solutions let developers, DevOps and security teams mitigate risks, reduce human error and accelerate application development.
About Extenda Retail
Extenda Retail inspires retailers to go further through frictionless and game-changing software, which helps retailers grow their business and optimise their customers’ experience. The extensive portfolio of solutions includes Hii Retail cloud applications, POS (point-of-sale) & Checkout, WMS, Customer Intelligence & Loyalty, and Pharmacy software. With over 40 years as an industry-leader in retail software development, hundreds of retail chains with a presence in 37 countries across the globe utilise solutions by Extenda Retail. Learn more at www.extendaretail.com or follow on LinkedIn.