10 Ways to Take Control of SaaS Apps and Shadow IT

Karen A. Frenkel Avatar

Updated on:

10 Ways to Take Control of SaaS Apps and Shadow IT

Identify Employee-Supplied AppsIdentify Employee-Supplied Apps

IT can define and enforce a cloud security strategy only if it is aware of the applications in use. It’s essential to discover cloud apps that employees provision on their own.

App-Associated RisksApp-Associated Risks

Once you have discovered an employee-supplied app, know it’s security practices, data center location and regulatory compliance obligations. Know how employees use it and whether they have configured the application security settings to your policies and industry best practices.

Step-Up AuthenticationStep-Up Authentication

Because users access cloud apps from off-site, via mobile, and over insecure networks, evaluate potential risks in context and automatically apply additional security measures, like a one-time passcode.

Corporate and Personal Mobile AccessCorporate and Personal Mobile Access

Employees access cloud apps from corporate and BYOD devices, which contain copies of sensitive documents and are especially vulnerable to attacks. Cloud app providers don’t distinguish between managed or unmanaged BYOD devices–but enterprises should.

Monitor User and Administrator ActivityMonitor User and Administrator Activity

To protect data stored in the cloud, know what’s there, who’s accessing it and what they are doing. Administrator or “privileged” accounts are hackers’ targets, so watch the watchers when it comes to SaaS apps.

Watch for Account TakeoversWatch for Account Takeovers

Hackers are focusing on stealing cloud app credentials to walk in the “front door.” Consider adding capabilities that detect anomalous activity to prevent account takeover attacks.

Know Where Company Data IsKnow Where Company Data Is

Data centers are spread across the globe, so information may get placed in jurisdictions your corporate governance policies or security compliance mandates do not permit. Obtain up-to-date reports on where cloud service providers store data and make an informed decision about whether to sanction their use.

Extend SIEM to the CloudExtend SIEM to the Cloud

Security Incident and Event Management (SIEM) systems are critical for correlating data to understand risk and identify potential threats to data center resources. But cloud applications operate outside the range of enterprise SIEM deployments. Aggregate standardized activity logs across cloud apps to extend SIEM to the cloud.

Implement Controls to Enforce Security PoliciesImplement Controls to Enforce Security Policies

In the layers of security implemented to protect the on-premises data center typically do have no impact on cloud apps, so IT lacks the ability to define consistent usage and access policies across all cloud apps and cannot effectively enforce them. Cloud Access Security Brokers can help.

Pay Attention to User AccountsPay Attention to User Accounts

Identify them before malicious insiders, ex-employees or hackers get to them. Abuse of orphaned or dormant accounts can go on for a long time, leaving the organizations foldable to data exfiltration and exposure of sensitive data and corporate secrets.

Karen A. Frenkel Avatar