SaaS SECURITY
access to what they need to. “One Identity will manage the privilege of users to ensure if someone does get compromised the damage they can cause is minimum,” he says. Meanwhile for malicious insiders – people wanting to take or steal data that they can access anywhere – a DLP solution such as Netskope can help protect SaaS applications, he adds. Zero trust Neil Langridge from e92 adds that zero trust should be considered. “Not a product, but a framework is used based on ‘never trust, always verify’ where cybersecurity solutions are used to verify all devices and users when accessing corporate resources, including those SaaS apps outside the perimeter,” he says. “We’re seeing this shift from an enterprise-only option to an approach available to SMBs as cloud-delivered cybersecurity lowers the cost and complexity barriers to access more advanced tools.”
“A platform approach and consolidating solutions is the way forward – but not to the point of putting all your eggs are in one basket. Partners also need to recognise that container utilisation is continuing to grow. More code will be stored in the cloud and more compute instances will be needed – virtual and physical – and security will need to be baked into all of them from the outset.
Purpose-made Lance Williams, chief product officer at Distology, adds that the best solutions are purpose made, such as SaaS Security Posture Management (SSPM) technologies, like Adaptive Shield and Obsidian. “As ever, identity and access management (IAM) sits at the heart of the defences though and IAM solutions need to integrate with SSPM and vice versa to get the best results,” he says. “Key things to consider in the security of SaaS are user (people) and entity (i.e. machines) behaviour, device security, password management and multi-factor authentication. “Your IAM solution secures from the front and your SSPM solution continually scans and assesses for vulnerabilities. Finally, it’d be remiss to overlook security awareness training and testing solutions – these play a key role alongside the security defence systems to educate people on what good looks like and how to avoid bad behaviour. If you can integrate SAT with your messaging security, as Ironscales do, then you’ve got a robust defence for your people. “SaaS is more straightforward to impersonate than on-prem apps, as its cloud provisioned and so interaction with third party login is the norm. Is it difficult to keep ahead of cybercriminals? Always. SaaS therefore suffers the same fate – educate your users, protect their identities, tighten up security on the SaaS and deploy a tool to continually assess your SaaS security posture.”
He adds that evolving the approach is essential. “Including it as part of the cybersecurity technology stack brings
benefits such as continual updates, flexible deployment and a cloud-first architecture that’s designed for today’s multi-cloud world,” he says. “That will also drive a strategy for customers that needs to encompass data, devices and apps outside of their perimeter – including social media, spoof domains and stolen data on the dark web. Organisations no longer have a network perimeter to manage and secure, but a complex intertwined web of connections, and data can be held anywhere.” Alison Nixon, director – security business unit, UK, TD SYNNEX, adds: “A robust cloud and data security posture management strategy would take a multi-layered approach that includes everything from next-gen firewalls and XDR for endpoints, through to advanced threat protection and intelligence and data loss prevention – and more in between. “There needs to be a ‘zero trust’ mentality for SaaS security management and it needs to scale, be developer friendly, and make security easy to incorporate. There needs to be a continuous and rigorous SaaS security strategy that focuses on business outcomes such as reduction of friction and employee and customer productivity. “Taking the right SaaS security posture will also bring gains in compliance and governance, whether it be NIST or any other framework.
“
SaaS is more
straightforward to impersonate than on-prem apps, as its cloud provisioned and so interaction with third party login is the norm.
”
CONTINUED
www.newsinthechannel.co.uk
33
Powered by FlippingBook