Report identifies key areas where MSPs should focus SaaS Security
efforts by analyzing trends and activities of over 15M SaaS App events and the
anonymized application security records for over 750 small-to-mid sized
businesses and more than 30,000 end-users.
SaaS Alerts
released the results of its first-ever SASI (SaaS Application Security
Insights) Report. The report, scheduled to be released semi-annually, reveals a
shocking trend of over 3,000 Brute Force Attacks per day [against the current
SMBs being monitored by the platform] and sheds light on risky file- sharing
behavior and the top countries where bad actors are originating their attacks
on SMBs.
During the period dating January 1st to May 31st, 2021, SaaS
Alerts monitored over 15M events and gathered and analyzed anonymized SaaS
application security records for over 750 small-to-mid sized businesses and
more than 30,000 end-users.
Access and visibility into this unique dataset provides SaaS
Alerts a comprehensive and timely view of the current state of SaaS Application
Security within the SMB market - and more specifically, within SMBs who are
served by MSPs.
Additionally, the report provides insight into how MSPs are
currently pricing and marketing their new SaaS Security Monitoring services. "Overall, the findings in our
first-ever SASI report emphasize that MSPs need to reassess their security
posture when it comes to protecting their customers' SaaS Applications. We
believe that sharing this data will help MSPs to identify strategies and
develop new processes to manage customer security in a data environment now
increasingly dominated by off-premise resources," said Jim Lippie, CEO for SaaS
Alerts. "Our goal is to continue to share this critical information in the hopes
that together with our MSP Partners, we can better navigate the current
cybersecurity threat landscape and enhance our understanding to better combat
the risks that lie ahead."
With this inaugural edition of the report, SaaS Alerts has now
made a commitment to release its findings twice a year - and as the platform
grows to include more users, these insights will become increasingly more
valuable and give MSPs a more comprehensive view of the SMB threat landscape.
Businesses of all sizes are now shifting to SaaS applications and
away from locally installed applications. Naturally, at the same time, the data
environment is also shifting - from local devices and network servers to
Cloud-based data creation and storage.
This transition requires that technology service providers
reconsider the notion of protecting users and networks and reimagine how they
think about users and how they follow user behavior. This is accomplished by
understanding how user negligence impacts a company's security posture while
also appreciating how bad actors are able to compromise SaaS environments.
In the first half of 2021, SaaS Alerts saw an average of 3,000
brute force attacks per day leveraged against 750+ small businesses while
also uncovering a significant attack vector stemming from common user behaviors
such as neglectful file-sharing practices and using M365 and Google Workspace
credentials for authenticating third- party integrated applications.
These threats will not just go away, they will continue as the
data in SaaS applications is valuable to bad actors and their attacks are
successful enough to warrant continued effort. Meanwhile, end users will
continue to take shortcuts, share anonymous files and bypass safeguards in the
name of convenience and increased productivity. As a community of technology
professionals, with the right tools and a commitment to regular hygiene, many
of these risks can be mitigated.
The SASI Report analyzes the current threats, trends and
activities of SaaS Application users and provides valuable insights to help
MSPs protect the companies who they serve.
Report analysis was carried out using proprietary anonymized data
gathered via the usage of SaaS Alerts pursuant to its Master Services
Agreement. This and other data is used by SaaS Alerts to identify security and
access trends in order to further advance its product and offerings and in
order to meet the needs of its growing MSP partner community and the end
customers who they serve. User and business information is anonymized to
protect corporate and individual usage data.
For more details and to download a complimentary version of the
report, visit: https://saasalerts.com/sasi-report/