Virtualization Technology News and Information
How Visibility Can Close the SaaS Security Gap

By Vincent Berk, Chief Security Architect, Riverbed Technology

With remote work now solidified as the norm, many businesses are turning to cloud and software-as-a-service (SaaS) applications to ensure operations run smoothly and teams can stay productive. Gartner predicts that SaaS revenue will reach $140.6 billion by 2022, up from $102.1 billion in 2019. Low-maintenance, cost-effective, scalable, and accessible to employees in dispersed locations, SaaS seems built for our new way of working. To get the most benefit and least risk from SaaS applications, organizations need to shake the perception that these applications are inherently secure and take steps to ensure they have tools in place that can quickly recognize threats. Tackling these challenges can be daunting, and it helps to have a field guide for how the landscape has changed over the past year and where threats are likely to emerge. Here's what you should keep in mind on your journey to more secure SaaS-based operations:

New ways of working give rise to new threats

With employees largely working remotely, organizations have to account for business activity outside the bounds of controlled corporate networks. While we're all aware of best practices like using VPNs that maintain a degree of security while working from home, many employees choose to bypass these measures for the sake of convenience. Staff are increasingly avoiding business-sanctioned SaaS applications in favor of those that they're more comfortable with and allow them to work faster, albeit less securely. An employee could get annoyed when their file share takes too long over a VPN and subsequently decide to rely on WeTransfer or a similar service, venturing beyond your IT team's visibility. This growing form of shadow IT has created security gaps that can quickly become chasms as more employees adopt more expedient, yet dangerous norms into their everyday working habits. 

Reliance on personal - or at least unmanaged - devices only compound this problem, making it much more difficult to detect dangerous activity and isolate users when they have been compromised. The list of risks to SaaS applications is long. Phishing, malware, compromised browser extensions, and nefarious apps are all more prevalent than ever in remote working environments each could give bad actors a direct path to valuable proprietary and personal data. If we're serious about preserving the flexibility and creativity that working from anywhere has unlocked, this lack of visibility is simply unacceptable.

Narrowing the visibility gap

The benefits of remote working are real. Collaboration apps such as Zoom and Slack have experienced a drastic increase in usage. Zoom alone has expanded its customer base five-fold since last year. These apps aren't going away anytime soon. To get the most out of them, we need to address the security risks inherent in SaaS.

The first step in tackling these challenges is crafting a detailed, deliberate plan for choosing which SaaS solutions your business will deploy. Opting for the most popular or seemingly cost-effective solutions out of the gate will lead to trouble down the track. The easy deployment and redeployment of SaaS may lead decision makers to assume savings through flexibility; shifting from one SaaS offering to another to maximize value. While there could be reductions in spend, every change represents a significant security threat and wide window of vulnerability. IT teams need time to learn the patterns of normal accesses in order to properly monitor new systems. Users are similarly vulnerable to phishing while still learning the ins and outs of these tools. Continual changes leave your business continually vulnerable to attacks.

Organizations should take into account not just the cost of solutions, but also the comfort and familiarity employees will have with the tools within the first few uses (so that they won't just give up and move to other apps). Even more important, available options should be assessed based on how easily and to what extent your IT team can maintain visibility over them. Some of the most popular videoconferencing tools, for example, don't possess end-to-end encryption and, as such, have been the target of many breaches over the past year. The last thing any organization wants is baked-in vulnerability to interception, eavesdropping on confidential business calls or exposed messages that can easily become fodder spear phishing campaigns. These very real risks are rarely factored into business decision making. This was especially the case when we all had to make a quick pivot to WFH last spring. Now, to redeem control and bolster security, enterprises should take an honest, comprehensive look at working habits, vulnerabilities, and the long-term costs of a hastily-devised SaaS strategy.

To truly begin closing the security gap, businesses also need to collect as much data from across the virtual enterprise as possible. In our current work environment this includes the traditional network border, the user's laptop, and their application log in. More data collection adds greater depth to your understanding, so you'll be able to spot malicious activity faster. Expanding your monitoring capacities to encompass both the security and performance of your workforce makes it even easier to understand the whole picture and protect the entire enterprise. With the right software and mechanisms in place to provide this view, IT teams will be less burdened by the complexity of dispersed operations and can quickly address threats as they arise, keeping employees safe and data secure.

There's no denying that SaaS applications and hybrid workforces are the future of business operations. Those that take ownership over this expanded IT ecosystem, relying on the right tools and SaaS selection strategies to see them through, will get the most benefit from the new way of working.



Vincent Berk, Chief Technology Officer and Chief Security Architect, Riverbed

Vincent Berk

Vincent Berk is Chief Technology Officer and Chief Security Architect at Riverbed, responsible for setting the vision and strategy for networking solutions in the cyber security space. Berk joined Riverbed through the acquisition of FlowTraq, an enterprise security analytics company where he served as founder and CEO. Previously, Berk taught computer science at Dartmouth College. He has a Ph.D. in machine learning and large scale data analytics from Leiden University and holds several patents in the application of large scale data analytics in cyber security.

Published Friday, April 16, 2021 7:31 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2021>