Securing SaaS applications for a remote workforce [Q&A]
The current shift to remote working looks likely to have a long-term impact on the way businesses operate in future. But this raises issues over security and ensuring that misconfigurations don't lead to data being exposed.
How big is the risk and what are the key issues enterprises face? We spoke to Brendan O'Connor, CEO of cloud security specialist AppOmni, to find out.
BN: Have businesses been caught out by the speed of the shift to remote working?
BOC: Without a doubt, the answer is yes. When the pandemic struck, businesses had to act swiftly in order to keep their employees safe while continuing to support their customers. IT teams had to make rapid technology changes, with very little preparation, to support the shift to a remote workforce.
BN: What are the most common problems leading to data exposure?
BOC: When it comes to cloud applications, misconfiguration and third party data loss are incredibly common. Misconfiguration is so common that Gartner has stated "Through 2025, 99 percent of cloud security failures will be the customer's fault." With the shift to remote work, many businesses made big technology changes very quickly. It's unimaginable that a technology shift that big, made that quickly, didn't create new avenues of exposure. We also see third party applications as the weak link in many data breaches. Users can connect third party applications to their company's cloud applications without needing to go through IT or Security. Through OAuth, users can grant all, or a subset of their privileges to an external application. Once authorized, that external application can connect directly to cloud services via API and start interacting with data. If that third party is compromised, their access to your data is compromised as well. Earlier this year Facebook's Twitter account was compromised. How did it happen? Facebook didn't get hacked. Twitter didn't get hacked. A third party application was compromised, allowing attackers to hijack that application's API privileges to the Twitter account.
BN: Why is Cloud Security Posture Management (CSPM) for SaaS so important?
BOC: After he was captured, infamous bank robber Willie Sutton was asked why he robbed banks. He allegedly replied, "Because that's where the money is." Why is CSPM for SaaS so important? Because that's where the data is. The enterprise runs on SaaS. Businesses aren't investing in monolithic on premise deployments anymore. CSPM for SaaS gives businesses the necessary tooling and automation that’s needed to manage security, compliance, and risks in the cloud environment. Everyone is moving to the cloud, and the pandemic has only increased the velocity.
BN: How can companies guard against misconfiguration of SaaS apps?
BOC: That is a huge challenge. Security teams need to evaluate the configurations, API connections, access controls and permissions, and inventory third party applications across multiple cloud providers and environments. It can be done manually, but that's a huge time investment and doesn't scale. These are living systems, which need to be continuously monitored. It is a job that's screaming for automation. The way to approach it is with 3 phases: First, assess your current risk by scanning your SaaS configurations and APIs. Second, remediate control failures and high risk findings. Lastly, put guardrails in place that alert the security team to configuration drift and changes to the cloud environments.
BN: You recently announced the release of Enterprise Essentials for SaaS. How will this solution help enterprises to securely return to business operations?
BOC: As enterprises increasingly rely on SaaS for their day-to-day operations, the security of data in SaaS, as well as adherence to industry best practices, is ever more critical. With many enterprises adapting to the new economic climate and supporting an increasingly remote workforce, their risk of data loss, data privacy, and compliance issues have grown exponentially. Misconfigurations, overly broad data sharing, and APIs exposed to the outside world create doorways for attackers to get in. Instead of trying to penetrate the corporate network to steal information, attackers now seek to pluck unsecured data straight from the cloud. Enterprise Essentials secures top SaaS applications enterprises depend on today for day-to-day operations for remote workers. The platform provides customers with an always-on dashboard that delivers visibility into the current state of their cloud/SaaS applications, deviations from their business intent, and a simple way to immediately verify the state of any application for both functional and security requirements. Deployment takes minutes and immediately integrates into existing workflows to provide actionable insight and visibility on day one.
BN: Are increased levels of remote working here to stay?
BOC: Absolutely. Remote work has become a necessity to support operations and business continuity for the foreseeable future. When Coronavirus is contained, whenever that may be, I think businesses will find that offering remote work helps them attract and retain employees. Businesses will have a tougher time competing for talent if they don't offer some form of remote work flexibility.