Un-managed SaaS data access creates risk

No Comments
SaaS

According to a new report 40 percent of all SaaS assets are un-managed, leading to a greater degree of internal, external, and public access to sensitive data.

The report from data access company DoControl categorizes data by insider and external threats. It finds that, in companies analyzed, an average of 400 encryption keys are shared internally to anyone with a link.

In addition 20 percent of SaaS assets are shared internally with a link, exposing many employees to data points they are not authorized to view. Eight percent of employees also share their corporate account assets with their personal account, exposing company data to employees on an ongoing basis.

Turning to external threats, the study finds between 1,000 and 15,000 external collaborators (vendors, contractors, customers, partners, prospects, media, analysts, etc.) have access to company data. Between 200 and 3,000 external (specifically third-party) companies also have access to company assets, and 18 percent of SaaS application assets are shared externally and remain shared externally even after deleting users.

"The past year forced many organizations to collaborate with many external parties and adjust their existing workforce to support remote collaboration," says Adam Gavish, CEO and co-founder of DoControl. "To date, security practitioners have focused on enabling SaaS access in a secure manner, but now is the time to prioritize the relevancy of this data access internally and externally. Unmanageable data access poses a significant risk to any organization and increases the likelihood of a data breach. While SaaS apps are designed to promote collaboration, this also creates an ever-growing attack surface that requires attention to ongoing data access at scale. DoControl is committed to helping organizations ensure that no unauthorized person has access to company data, all without slowing down business enablement or changing the end-user’s day-to-day work."

The full report is available from the DoControl site.

Photo credit: Alexander Supertramp / Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

TEAMGROUP unveils MP44Q M.2 PCIe 4.0 SSD

Cyberwarfare incidents reported by almost half of UK firms

Ransomware, meet DRaaS: The future of disaster mitigation

Get 'Modern DevOps Practices -- Second Edition' (worth $39.99) for FREE

Number of ransomware victims up 20 percent in first quarter of 2024

Low-code tools boost developer productivity

Cisco warns of serious CLI command injection vulnerability in its Integrated Management Controller

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

61 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.