The data is in. According to IBM Security’s 2020 Cost of a Data Breach
Report[1], there is a 50% increase
in cloud usage for enterprises across all industries. The number of
threats targeting cloud services, predominantly collaboration
services like Office 365, has increased 630%[2].
Moreover, 75% of respondents report that discovery and recovery
time from data breaches has significantly increased due to remote
work during the pandemic. Although organizations can save over $1
million if they discover a breach in the first 30 days, the average
reported response time was a whopping 280 days.
In the remote-work world, SaaS apps have become an enticing
vector-of-choice for bad actors. Just think of the typical
employee, working off-site, untrained in security measures, and how
their access or privileges increase the risk of sensitive data
being stolen, exposed, or compromised.
However, it doesn’t have to be that way — a company’s SaaS
security posture can be strengthened, and SaaS configuration
weaknesses can be avoided. SaaS Security Posture Management (SSPM),
as defined by Gartner, is critical to the security of today’s
enterprise.
As Gartner’s own Tom Croll asserts in 3 Steps to Gartner’s
SaaS Security Framework (December 2020):
“Increasingly, business-critical data is being processed by
applications that exist entirely outside the corporate network,
making traditional controls ineffective.
New controls are needed to address these new realities,” he
continues. “SSPM tools allow enhanced controls to further protect
data stored in the most commonly used SaaS applications. Core
capabilities include monitoring the configuration of native SaaS
security settings, reporting non-compliance and auto-remediating
violations to maintain alignment with multiple compliance
frameworks.”
The Emerging Solution
There are many offerings in cloud security, but the SSPM
solution is the only one that assesses the company’s SaaS security
posture in a customized and automated manner, tailored to the
specifications of each application and to company policy. And it’s
not a one-time assessment — it is an ongoing process that monitors
and reinforces the company’s SaaS security.
Yet, this foundational security step is often overlooked for a
variety of reasons. Many people don’t realize that there are two
sides to securing company SaaS apps. While SaaS providers build in
a host of security features designed to protect company and user
data, how those features are configured and used is ultimately beyond
their control. Just as in any other
part of the network, the IT or security team is responsible for
protecting and managing the data, configurations, user roles, and
privileges, regardless of their location.
For enterprise organizations, ensuring that all the SaaS apps
are configured properly and have the correct user roles and
privileges is not only a never-ending, time-consuming endeavor but
an impossible one.
The Challenges to Managing the SaaS Security Posture
Dynamic and ever-changing — The SaaS
environment is dynamic and continually updating. As employees are
added or removed and new apps onboarded, permissions and
configuration must be reset, changed, and updated. In addition,
continuous compliance updates and security configurations are
needed to meet industry standards and best practices (NIST, MITRE,
etc.), and security teams need to continuously ensure that all the
configurations are enforced company-wide, with no exceptions. With
a typical enterprise having an average of 288 SaaS[3]
applications, this involves hours of continuous work and effort and
is not sustainable.
Each app is a world unto itself — Each SaaS
application has its own security configurations for compliance,
like which files can be shared, whether MFA is required, whether
recording is allowed in video conferencing, and more. The
security team has to learn each application’s specific set of rules
and configurations and ensure they are compliant with their
company’s policies. As they are not the ones using the apps on a
daily basis, they are rarely familiar with the settings, making it
even harder to optimize the configuration.
Configuration management overload — The number
of apps, configurations, user roles, and privileges that an
organization needs to manage and monitor grows with every onboarded
app. If you break it down into numbers, a typical enterprise has
hundreds of SaaS apps. Each app has up to hundreds of global
settings, not to mention enterprises that have thousands to tens
(even hundreds) of thousands of employees. Security teams have to
learn hundreds of app setups and monitor thousands of settings and
tens of thousands of user roles and privileges — an impossible and
unsustainable scenario.
No clear visibility or direct management — Most
SaaS apps are purchased and implemented in the departments that
utilize them most; for example, an automation SaaS solution
generally sits in marketing, a CRM in sales, and cloud computing,
productivity, and collaboration tools in IT. These SaaS apps hold
critical data on the company’s clientele and business projects.
The SaaS owners are often not trained in security or vigilant in
the continuous needs of configuration and posture. The security
team ends up being in the dark about the security protocols in
place and, more importantly, is not focused on the exposure or
risk.
Handling SaaS Security
In the remote-work world, organizations are even more vulnerable
to SaaS security configuration weaknesses. Luckily, security teams
can now turn to SSPM solutions, like Adaptive Shield[4], to automate their SaaS
security processes and address the challenges detailed above.
In business-critical apps, such as Salesforce, Office 365,
G-Suite, and Zoom, the right SSPM solution can provide deep
visibility and remediation for potential vulnerabilities in a
company’s SaaS security posture, from misconfigurations and
misappropriated privileges to suspicious SaaS usage. It is also
adept at following the trail of policy changes and violations,
making it possible to identify the source of accidental,
intentional, or malicious alterations.
These SSPMs are built to streamline and improve the security
team’s efficiency, reducing their workload and stress, while
increasing protection from potential exposures or breaches.
With no-code technology, Adaptive Shield enables security teams
to easily see, monitor, and remediate all their company’s SaaS
(mis)configuration and user role information for an endless array
of SaaS apps: from video conferencing platforms, customer support
tools, HR management systems, dashboards and workspaces to content,
file-sharing applications, messaging applications, marketing
platforms, and more.
Learn more[5]
about how Adaptive Shield prevents misconfigurations and
vulnerabilities in your SaaS estate that could lead to a leak or
breach.
References
[1] 2020 Cost of a Data Breach Report (www.ibm.com)
[2] increased 630% (www.mcafee.com)
[3] 288 SaaS (www.blissfully.com)
[4] Adaptive Shield (www.adaptive-shield.com)
[5] Learn more (www.adaptive-shield.com)
