S4A Mirroring: Strengthening and Securing Internal Access Controls

Background & Context


At the time of this project, our CrS (Customer Support) teams were using a tool called Godmode to access and troubleshoot Spotify for Artists (S4A) accounts. While functional, Godmode presented serious security risks due to broad access permissions, inconsistent control across feature teams, and no standardized revocation system. I led the effort to replace this with a secure, feature-level access system—what we called the S4A Mirroring MVP—designed to give CrS teams the tools they needed without compromising user safety.

The Goal


My goal was to fully migrate all AS3 advisors and CrS internal support off Godmode and onto the new Mirroring system by mid-Q2 2022. We aimed to reduce security risk while maintaining (and ideally improving) operational efficiency. This meant enabling CrS to autonomously troubleshoot S4A issues without engineering dependency, while ensuring access could be granted and revoked in a secure, auditable, and standardized way.

The Problem


S4A access was being granted inconsistently across product teams, with no centralized standards or reliable revocation process. That left the platform vulnerable: when an employee left Spotify, or a contractor left one of our vendor firms, we had no scalable way to ensure their access was revoked. It also slowed down support workflows, created a dependency on feature teams, and introduced manual overhead. I needed to create a system that offered precise access control without adding friction for CrS advisors.

The Hypothesis


I believed that by introducing a mirroring system scoped to individual features—rather than full-platform admin—we could significantly reduce risk while still enabling CrS to operate efficiently. I hypothesized that this system would not only allow for more granular permissioning but also decentralize access decisions to feature owners, allowing us to scale support safely and autonomously. A critical part of this approach was ensuring mirrored actions were fully logged in our internal audit system.

The Solution


I defined and drove the execution of the S4A Mirroring MVP, which enabled advisors to access specific customer accounts via a secure, one-time session (initially using Browserstack and later via token-based access). The solution allowed advisors to request access with a predefined reason, and all actions were logged in the MA activity log for transparency. We designed for the ability to hide mirrored activity from the customer-facing logs, and we scoped advanced features like team-level access mirroring and high-risk account restrictions. I also coordinated decision-making across engineering, security, and the CrS org to align on the safest path forward for launch.
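To make the access properties described in The Hypothesis, The Solution and The Results concrete, the following is an added illustration in Python. It is not Spotify's code and not the Mirroring MVP's actual implementation; the class and field names (MirrorPolicy, Directory, MirrorService), the feature-to-group mapping, the 15-minute TTL and the HMAC token format are all assumptions. It models a session scoped to one feature and one account, issued only with a stated reason and only to advisors cleared by that feature's owners, signed and time-limited, logged to an internal audit log but kept out of the customer-facing activity log, refused outright for high-risk accounts, and revoked automatically as soon as the directory no longer lists the advisor as active.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass


@dataclass
class MirrorPolicy:
    """Feature owners decide which support groups may mirror their feature (assumed model)."""
    feature_groups: dict        # feature name -> set of advisor groups the owners cleared
    high_risk_accounts: set     # accounts that need an escalation path, not self-service
    ttl_seconds: int = 15 * 60  # session lifetime; assumption, not the MVP's real value


@dataclass
class Directory:
    """Stand-in for the employee/vendor directory that drives revocation (assumption)."""
    active_advisors: set

    def is_active(self, advisor: str) -> bool:
        return advisor in self.active_advisors


class MirrorService:
    def __init__(self, signing_key: bytes, policy: MirrorPolicy, directory: Directory, clock=time.time):
        self._key, self.policy, self.directory, self.clock = signing_key, policy, directory, clock
        self.internal_audit = []     # every request and every mirrored action
        self.customer_activity = []  # what the account holder sees; mirrored actions stay out

    def _sign(self, body: str) -> str:
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def request_session(self, advisor, groups, account_id, feature, reason) -> str:
        """Issue a feature-scoped, time-limited session token or refuse with a reason."""
        if not reason or not reason.strip():
            raise PermissionError("a reason is required for every mirroring request")
        if not self.directory.is_active(advisor):
            raise PermissionError(f"{advisor} is not an active employee or vendor")
        if account_id in self.policy.high_risk_accounts:
            raise PermissionError(f"{account_id} is high-risk; mirroring is not self-service")
        if not set(groups) & self.policy.feature_groups.get(feature, set()):
            raise PermissionError(f"{advisor} is not cleared by the owners of '{feature}'")
        claims = {"sub": advisor, "acct": account_id, "feat": feature,
                  "exp": int(self.clock()) + self.policy.ttl_seconds, "jti": secrets.token_hex(8)}
        body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode()).decode()
        self.internal_audit.append({"event": "mirror.requested", "advisor": advisor,
                                    "account": account_id, "feature": feature, "reason": reason})
        return f"{body}.{self._sign(body)}"

    def _verify(self, token: str) -> dict:
        body, _, sig = token.partition(".")
        if not sig or not hmac.compare_digest(sig, self._sign(body)):
            raise PermissionError("bad or malformed token")
        claims = json.loads(base64.urlsafe_b64decode(body.encode()))
        if self.clock() >= claims["exp"]:
            raise PermissionError("session expired")
        # Revocation is automatic: the directory is re-checked on every action, not just at issue time.
        if not self.directory.is_active(claims["sub"]):
            raise PermissionError(f"{claims['sub']} has been offboarded; session revoked")
        return claims

    def perform(self, token: str, feature: str, action: str) -> dict:
        """Run one mirrored action inside the session's feature scope; audited internally only."""
        claims = self._verify(token)
        if feature != claims["feat"]:
            raise PermissionError(f"session is scoped to '{claims['feat']}', not '{feature}'")
        self.internal_audit.append({"event": "mirror.action", "advisor": claims["sub"], "account": claims["acct"],
                                    "feature": feature, "action": action, "session": claims["jti"]})
        return {"account": claims["acct"], "feature": feature, "action": action}

    def customer_action(self, account_id: str, action: str) -> dict:
        """The account holder's own actions appear in both logs, unlike mirrored ones."""
        entry = {"account": account_id, "action": action}
        self.customer_activity.append(entry)
        self.internal_audit.append({"event": "customer.action", **entry})
        return entry


def is_denied(fn, *args) -> bool:
    """True if the call is refused by policy (used to check the failure paths)."""
    try:
        fn(*args)
        return False
    except PermissionError:
        return True


if __name__ == "__main__":  # constructed sample data
    policy = MirrorPolicy({"royalties": {"crs-tier2"}, "profile": {"crs-tier1", "crs-tier2"}}, {"artist-vip"})
    svc = MirrorService(b"demo-key", policy, Directory({"alice"}))
    tok = svc.request_session("alice", {"crs-tier2"}, "artist-42", "royalties", "ticket CS-123")
    print(svc.perform(tok, "royalties", "view_payout_history"))
    print(is_denied(svc.perform, tok, "profile", "edit_bio"))
```

The design point worth taking from the sketch is where the revocation check lives: the token proves who asked and for what, but every action re-consults the directory, so offboarding takes effect without anyone maintaining a revocation list. In a real deployment the directory would be the HR system or identity provider behind SSO, and the signing key would live in a secrets manager rather than a constructor argument.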

The Results


We successfully migrated 100% of CrS advisors off of Godmode by mid-Q2 2022, without disruption to daily support operations. The new system allowed for automatic revocation of access when employees left Spotify or vendor firms—no manual oversight required. We also reduced dependencies on feature teams, empowering CrS to troubleshoot 100% of issues within their workflow. This was a significant risk reduction for the org and laid the foundation for scalable internal access management across multiple support surfaces.

Conclusion


The S4A Mirroring MVP was a foundational project in building a more secure and scalable support ecosystem at Spotify. It balanced the often competing needs of security, efficiency, and autonomy—a tricky triangle to navigate. Leading this work deepened my ability to operate cross-functionally, work closely with security and infrastructure teams, and ship under high-stakes compliance requirements. I’m proud of how this project protected both our users and our business without slowing anyone down.
