Organizations should have free access to their SaaS attack layer
By Galit Lubetzky Sharon, Co-Founder & CTO, Wing Security
While security budgets were not the first to be impacted by recent economic challenges, security buyers are now carefully examining their purchases. Rightfully so. This is best practice for times of prosperity and inevitable in times of financial instability. While security never sleeps and malicious players never stop (especially in times like these), the first question security leaders need to be asking themselves is, where am I most vulnerable? Where are the potential open doors into my organization?
As SaaS usage keeps growing, its decentralized and easy nature brings an abundance of security challenges in the form of an ever-growing SaaS attack layer. Each application added to the organization is a potential open door for malicious players to abuse. The proof is, as always, in the numbers. Here is a taste of what we at Wing Security learned from hundreds of companies that use our free self-service SaaS shadow IT discovery tool:
In 71.4% of companies, employees were using an average of 2.4 SaaS applications that were breached in the past 3 months.
73.3% of all permissions that were given to applications by the users were not in use for over 30 days.
On average, 58% of SaaS applications are used by only one employee, raising questions about their necessity – and making it unlikely that they were known and protected by the security team.
This large potential attack surface can easily be minimized, but it all starts with visibility.
You cannot secure what you cannot see.
So, “seeing” should be the basic first step, and more importantly – a basic free step. Time and time again, I see our customers astonished by the number of applications their employees are using without going through Security or IT for approvals. These applications completely bypass organizations’ IAM/IM because, as can be seen in the data above, most applications are onboarded as a quick fix for an ad-hoc business problem. They are given permissions into the organization’s data, often write permissions. They are used once and forgotten about, but the tokens are still there, and the data is still at risk.
A small to medium-sized organization has hundreds of SaaS applications in use. With larger organizations, we see a four-digit number of SaaS applications. The first step to proper SaaS Security Posture Management, or SSPM, is to gain visibility into the SaaS attack layer. That’s any and every SaaS application in your environment. Discovery is not just an inventory list; it’s a clear view into which applications are safe and which are potentially putting you at risk, for example, applications that were recently breached and are used by your employees with access to your data.
Once you have that first step covered, you can prioritize the risks and start remediating, or use a good SSPM solution to do that for you in an automated way. The risks around SaaS security typically revolve around three main pillars: risks related to the applications themselves, the users who use them, and the data that flows through them. A proper SSPM solution should provide automated remediation for at least some aspects of all three.
Regain control of your SaaS Usage.
When considering today’s economic climate with today’s savvy security buyers and their needs, the reasoning behind a free SaaS security solution becomes clear. First things first – show unconditional real value. When security and IT leaders gain true visibility into the problem at hand, remediation becomes the next obvious step and priority. Visibility should be a basic security service provided free of charge in a completely self-served way.
About the Author
Galit Lubetzky Sharon, Co-Founder & CTO of Wing Security.
A retired Colonel from the prestigious 8200 Unit, Galit Lubetzky Sharon has vast, hands-on experience designing, developing and deploying some of the Israeli Defense Forces’ most vital defensive and offensive cyber platforms as well as leading large development teams. Galit was an integral part of developing the IDF’s first cyber capabilities and continued improving and enhancing these capabilities throughout her military career. She is the recipient of numerous accolades including the prestigious Israeli Defense Award. Galit co-founded Wing Security and is Chief Technology Officer, leading the company’s cutting-edge cyber security technology.