All the keys to avoid SaaS misconfigurations
However, SaaS has its drawbacks:
In this regard, in a 451 Research survey, almost half of all participants mistakenly believed that data protection was the sole responsibility of SaaS providers.
As you may have already seen, SaaS has many virtues, but also some drawbacks.
SaaS misconfigurations and recommendations
Data breaches often occur, to which sometimes the loss of data must be added. In many cases they are the consequence of incorrect SaaS configurations. Thus, in the 2020 Verizon Data Breach Investigations Report, it was revealed that these types of configuration-related errors are the second largest cause of data breaches. In addition, it was revealed that they represent approximately one in three violations.
Without a doubt, some misconfigurations are the most common and often those files or data are located in a cloud service.
In that sense, organizations tend to be only as vulnerable as the weakest security configurations they have in place for their SaaS applications. Incorrect SaaS configurations can be a starting point for cybercriminals to end up with our data. Now, it's time to talk about those measures that we can use to improve and strengthen our security.
System administrators must use multi-factor authentication
Without a doubt, SSO has become an important element in securing access to SaaS applications. However, there are some users who can bypass this control. An example in which this control can be avoided is due to maintenance reasons. Thus, most SaaS providers allow system owners to log in with their username and password, even though SSO is enabled.
In this case, the solution is to ensure that mandatory multi-factor authentication is enabled for these super users. If we rely only on the username and password, for this type of user it can be very dangerous. In the event that those credentials of an administrator fall into the hands of cybercriminals, they will be able to access the account with the consequent risk to the entire organization.
Good management of external users
Today, many organizations exchange data using collaboration tools. The sharing of information through the use of external users is a good way to get closer to your suppliers, partners and customers. However, if it is not done properly, we can run the risk of losing control over our data.
Therefore, we must correctly define a good collaboration policy with external users, and establish the appropriate limitations in all SaaS applications. In short, external users should only access the applications they need, and they should only have access to the information that applies to them.
Shared mailboxes can be dangerous
A very common practice among companies is the use of shared mailboxes to receive financial or other information from clients. Generally, in companies we find that, approximately for every 20 workers on average, we have a shared mailbox.
These types of emails tend to generate several major problems:
- They do not have a clear owner.
- It is used by a lot of people with whom it is more likely to have credentials stolen.
- As there are many users, for convenience, the password is never or rarely changed.
Therefore, they present a serious problem and Microsoft recommends that you block logon for shared mailbox accounts and keep them locked.
Perform audits to maximize visibility and control
A security expert must audit her network so that he can learn the missing information. The objective is to know all the points of our network, and obtain maximum visibility of it. When auditing, default actions are often sufficient for many companies. However, for other organizations they may not be enough and end up becoming a major security flaw.
Before starting, we must be clear about whether the default audited actions are worth it, or if we need to perform some extra action. After the audit, we have to understand what we are seeing and what we are not, to plug the security gaps.
Maintain control of our data at all times
Our goal is to maintain tight control of our data. An information leak will result in a loss of prestige, which an organization will have a hard time recovering. A customer's trust can be lost in the blink of an eye. As we add SaaS applications and our network grows, the situation becomes more and more complex. A good measure is to identify the resources that are publicly exposed such as panels and forms etc. and protect them properly.
How to set up a SaaS correctly
Following the steps that have been laid out in this tutorial may be a good idea to start with. We have already seen that SaaS misconfigurations often lead to security breaches and data loss. One of the companies we could do this with is Adaptive Shield which allows us to unify all SaaS security controls into a single, easy to manage standardized view.
This way we can easily obtain access control, data leak prevention, malware protection, password management, account review, spam protection and more.