Oct 24 2018
Managing Saas Part 4 – Improve Security
Alpin is now CoreSaaS.
Did you hear about the guy that accessed hundreds of internal Slack accounts and other SaaS software through SaaS helpdesks? Or the “Sign In With Google” Phishing attack? That’s why you need to improve SaaS security.
Rapid user growth in cloud apps, combined with a lack of oversight and lackadaisical user attitudes, means we should expect more issues in the future.
Unless you do something about it.
SaaS management gives you a platform and the information needed to take better control of your cloud software security. Here are some of the ways how:
Why Should You Care About SaaS Security?
Users sign up for SaaS more than anyone guesses. One study from Cisco found that enterprises use 1,200 cloud services on average. But fewer than 50 are known by IT.
Imagine you are a hacker. Does it make more sense to conduct phishing and social engineering on a single company’s core systems? Or target cloud software used by – but not actively monitored by – many companies?
Employees can and do store sensitive information in SaaS than anyone is comfortable with, such as sharing passwords in Slack channels.
How Does Alpin Help Improve Security?
Shadow IT can bring real problems to any organization. Our many discovery methods help with a big part of the issue – revealing shadow IT.
Alpin goes a step further, categorizing apps and rating the security of the permissions they have been granted to access your corporate data.
SaaS management with Alpin also offers tools that allow you to:
- See which applications have access to corporate data.
- Identify which applications contain personal information.
- Tag applications that contain intellectual property (IP).
Details On Improving Security
Seeing which applications have access to corporate data
Some app permissions grant expansive access to data. SaaS management provides a way to see what apps have which permissions from specific users. A SaaS management tool like Alpin can instantly sift right through a needle-in-a-haystack situation, revealing an exact list of apps and permissions, and the relevant vendors or users to speak to.
Identifying which applications contain personal information
More than merely gaining access, some applications may store personal or other sensitive information. These applications could be active… or they could be completely forgotten and connected to a deactivated user account no one could recall even if they tried.
With Alpin as your SaaS management tool, you can tag these applications so you have an always-up-to-date list of where personal and sensitive information is held outside the organization. It’s easy to see how that list will be extremely useful for compliance and security audits, vendor assessments, disaster recovery planning, and knowing who to contact if there’s a security breach.
You may even expect some applications, such as cloud storage providers, to store sensitive information. Alpin can help you identify where that data lives within the labyrinth of folders and if it could contain sensitive information. It’s Data Loss Prevention (DLP) for cloud storage.
Tagging applications that contain intellectual property (IP)
Tagging and reporting only on apps that contain IP gives you a way to shortlist some of your most important cloud vendors.
Why would you want that kind of shortlist? Most obviously, so you know where your IP has been stored so you can bring it back in-house and not leave it hanging out there with unused and unmanaged vendors. And, as with knowing which applications contain personal and sensitive information, a vendor list is useful for security audits, vendor assessments, disaster recovery planning, and knowing who to investigate in the event of a breach.
Controlling 3rd party access to your corporate data (blacklisting)
Blacklisting (available for companies using G Suite companies only. It enables you to permanently block any app from gaining access to the data inside your G Suite account. This allows use of “Sign In With Google” while preventing access from apps that are untrustworthy.