It’s a SaaS-driven world inside today’s workplace. Business users have taken control over their organization’s data within SaaS applications in search of a much more collaborative and responsive IT experience. This has caused a fundamental shift in the security paradigm. The user has become the new perimeter. IT and security must now monitor user activity and actions closely, while maintaining the high standard of productivity employees have become accustomed to as a result of SaaS.
Security didn’t always fall on IT teams. During the days of defensible networks and firewalls, it was left up to security to protect the perimeter. But now, the dynamic nature of cloud and SaaS has created a new set of responsibilities for IT that didn’t exist before. Today, both IT and security teams require granular insight into user activities and interactions within SaaS applications—e.g., everything from sharing files, forwarding emails, granting elevated privileges, exporting reports, etc.—in order to automate visibility and affect action to protect the new perimeter.
The task of proactively detecting and mitigating risky behaviors, such as confidential file downloads, could be significantly more effective if IT and security pros were able to receive real-time alerts—or have the ability to shut down access in a manner non-disruptive to employees. This is true for any user action taken within a SaaS application that could compromise data. An alert in those situations would trigger workflow approval or automatic remediation that could ward off dangerous security breaches.
Luckily, this escalating security concern has given rise to a new movement in enterprise IT: SaaSOps. This paradigm introduces a new set of disciplines, processes, technologies and people required to successfully manage and secure SaaS applications. It’s an entirely new framework consisting of three parts: people and process, SaaS management and SaaS security—the latter being the most relevant to the topic at hand.
Here are the trends that led to the rise of this new perimeter.
Shift in Control from Organization to User
Access to cloud-based SaaS applications has created an entirely new business environment and opened up a completely new approach to performing daily operations. Business lines now leverage unprecedented opportunities to drive innovation, collaboration and overall employee experience; and can launch new products and services at speeds previously unimaginable.
Today’s workers expect seamless access to multiple PaaS, IaaS and SaaS services. The downside is that allowing access has significantly decreased IT’s ability to control user activities and interactions within these services and applications. The result is a dramatic weakening of their physical control over confidential company data. A failure to adjust to the shift in control from the organization to the user can lead to nightmarish consequences.
New Status Quo Now in Effect for a Mobilized Workforce
Today’s professionals work from anywhere, at any time, using multiple devices. This is having a profound effect on how businesses operate, with many now providing access to SaaS apps as part of their daily operations. SaaS allows organizations to compete, collaborate and remain engaged. But with devices and data living off-premises, protecting networks from security breaches must shift with the times.
That means IT and SaaSOps teams must proactively account for the multiple unmanaged devices and entry points—from smartphones to mobile devices to tablets and wearables, and more—being used outside the LAN and from any number of locations. The proliferation of SaaS in the enterprise means work can now start on one device and continue on another, rendering the traditional perimeter obsolete. The new perimeter is in full effect and there’s no turning back.
Insider Threats Driving a New Paradigm
Insider threats must now be considered a major part of the new paradigm, according to recent reports and research, which show that 90% of organizations report feeling vulnerable. As company leaders take greater responsibility for cybersecurity, internal attacks must be kept top of mind. The business impact of an insider threat and/or attack can no longer be underestimated.
The Dangers of Blind Trust
Securing user access is a positive first step, but there’s so much more that can be done. As hackers continue to evolve and discover new ways to navigate around authentication efforts, trusting users without hesitation is a reckless mistake—especially given the proliferation of SaaS usage. Even users with no evil intent can act dangerously due to the openness and collaboration possible inside SaaS apps.
There’s also the harsh reality that some users are willingly conducting egregious activities. Being able to closely monitor their behaviors and interactions allows you to see in real-time if your data is exposed or if any suspicious activity is occurring. More importantly, it allows you to move quickly to shut it down.
New Perimeter Created by Users
The new perimeter in today’s modern security landscape is the user, as they are closest to the data assets today’s SaaSOps teams are trying to protect. Proactively monitoring all user interaction activities will help to stop any security threat from the get-go and prevent confidential business data, trade secrets, intellectual property and employee and customer data from being compromised.
Data is a living and constantly shifting entity. With that always in mind, SaaSOps teams must focus on the users within their organization who have access to the most sensitive data. Always understand what they’re doing and stand ready to react quickly—whether files are being shared publicly or forwarding corporate email to a personal Gmail address with malicious intent.
One key point to remember: Exerting control is critical to SaaS security, but not at the expense of employee and business productivity. That’s why it’s imperative to establish a healthy balance between user experience and control by instituting non-disruptive policies via the right set of SaaS management applications.