SaaS Security Case Studies
Spencer Fane Establishes Firmwide SaaS Security and Risk Management
Spencer Fane implemented AppOmni to achieve fine-grained visibility and control over its SaaS environment. The firm streamlined security operations, automated policy enforcement, and strengthened compliance across a growing portfolio of cloud applications, ensuring data protection for its clients in highly regulated industries.

The Challenge
With clients in highly regulated sectors, Spencer Fane faced growing risks as data spread across private cloud and SaaS applications. The firm’s security team needed:
- A complete view of the overall SaaS attack surface and application configurations
- Better identity and access management to understand “who is doing what” across many apps
- Streamlined processes to review policy baselines, guide app owners, and prioritize remediations
- Centralized security oversight for a rapidly expanding and distributed application environment
Ownership of applications was distributed among business, IT, and partners, making it difficult to enforce consistent security controls. Manual processes required reviewing one application at a time and left gaps in visibility and control.
Read how Spencer Fane centralized SaaS security to meet client and regulatory requirements.
“Our administrator was able to onboard the M365 application over lunch. ServiceNow took a couple of more hours to bring both the development and production environments under management. But we were up and running within a few hours.”
— Wai Sheng Cheng, Information Security and Risk Manager, Spencer Fane
The Requirements
Spencer Fane needed a SaaS security partner that could support:
Requirements
How AppOmni Addresses Them
Rapid, Low-overhead Deployment and Management
Easy onboarding, specifically M365 and ServiceNow up in hours with minimal admin effort
Fine-grained Security Insights and Centralized Visibility
Delivers detailed policy and configuration data across all SaaS platforms
Automated, Low-noise Policy Enforcement and Alerting
Prioritizes findings and enables targeted, actionable change management
Seamless Integration with SIEM and Other Systems
Exports normalized logs for analytics and compliance reporting
Scalable Support and Responsive Service
Provides U.S.-based support and timely technical assistance
The Results
With AppOmni, Spencer Fane’s security team:
- Achieved centralized SaaS security visibility for M365, Salesforce, ServiceNow, and more
- Prioritized changes and set up effective change management processes with application owners
- Automated policy violation detection and remediation, reducing manual review from days to hours
- Improved understanding of the company’s security posture by integrating logs with its SIEM
- Surfaced and managed SaaS-to-SaaS connections as part of ongoing governance and risk management
Why It Matters
Spencer Fane now ensures data security and compliance for its clients while supporting business growth and agility. AppOmni enables a shared commitment to security across teams, providing actionable insights, rapid remediation, and the foundation for firmwide risk management.

About Spencer Fane
Spencer Fane is a leading U.S. law firm with over 900 employees and offices in 26 cities nationwide. The firm is recognized for workplace satisfaction, client service, diversity, and growth, and supports clients across financial services, healthcare, and defense. Information Security and Risk Manager Wai Sheng Cheng leads a dedicated security team to protect the firm’s sensitive data across a complex application portfolio.
Industry
Legal Services
Employees
900+
Saas Apps

Use Cases
- Configuration Management
- SaaS Security Visibility
- Identity and Access Management
Related Stories
-
Global asset management firm achieves perfect SaaS audit with AppOmni
AppOmni empowers a global asset management firm with perfect SaaS audit, full visibility, and complete compliance.
-
How BluOcean Cyber revolutionized SaaS security and risk management
Learn how BluOcean overcame its client’s challenges with SaaS misconfigurations and how AppOmni’s SaaS security platform helped build a scalable, proactive SaaS security program.
-
How Rightmove secures and optimizes its expanding SaaS estate with AppOmni
Rightmove, the UK’s top property portal, strengthened security through insights and pre-configured policies with AppOmni.