SaaS SECURITY
CONTINUED
Winning arms race But Markus adds that it is important to keep the threat in perspective. “While they may be juicy targets, one advantage that most SaaS service providers have is they are quite large and well-resourced,” he says. “They have extensive in-house skills and good awareness of current threats and how counter them. That makes it less likely that any attack will penetrate their defences. Even so, we’d still advise that all other preventative measures are put in place to ensure data is as well- protected as possible.” Dr Klaus Schenk, SVP Security and Threat Research at Verimatrix, adds that SaaS in the cloud is in better shape to win the cybersecurity arms race against hackers. “This is for several reasons,” he says. “The cloud model provides inherent security advantages based on centralisation, scale and agility. “SaaS providers have dedicated cybersecurity teams composed of experts who rapidly analyse threats across their massive customer ecosystem. This birds- eye network effect spots trends early. Standardised architectures also allow coordinated defence evolutions across customer instances. Cloud automation enables fast reaction to new vulnerabilities. “Of course, the adversaries continue evolving as well. Attacks grow more frequent, automated and destructive using AI and social engineering. Supply chains and third parties introduce new weak links. But SaaS providers counter by sharing intelligence and best practices globally. Their continuous learning, coupled with the cloud’s innate structural advantages, enables customers to focus on business goals rather than security one-upmanship. Together, SaaS and cloud reinforce each other’s strengths in a secure symbiosis that tilts the odds favourably against the barrage of cyber threats.” Reseller role To keep customers’ SaaS solutions secure, resellers have a vital role to play. “True SaaS security requires examining the full technology stack,” says Dr Klaus. “Resellers should start by identifying the foundational cloud provider. Industry leaders like AWS, Azure and Google Cloud supply robust native security services and global threat intelligence. Understanding available tools and practices establishes a baseline. “Resellers should then probe SaaS vendors on how they utilise and complement the cloud’s
capabilities. Specifically, whether they employ a cloud-native architecture optimised for security, follow rigorous frameworks like ISO 27001, integrate monitoring for rapid threat detection and conduct ongoing audits and penetration tests. Detailed incident response plans and independent certifications also demonstrate diligence. By aligning questions to the shared responsibility model between cloud and SaaS, resellers elicit meaningful conversations around security partnerships. Customers gain assurance that providers mutually reinforce strong, adaptable protection.”
“
However, we
know attackers are targeting them and will keep targeting them and there will always be someone who will accidentally share financial data or
confidential information.
”
Richard adds that resellers should start simple in their conversations with customers. “Get them thinking about how many SaaS applications they are currently using and what is the security strategy around them?” he says. “Often most end users will be at the early stage or just in denial! However, we know attackers are targeting them and will keep targeting them and there will always be someone who will accidentally share financial data or confidential information. “Companies need to have a proper strategy as they will be using applications no matter what, but security cannot be assumed, and since it sits outside of the normal security network, it can be scary! However, it’s still their data and they need to protect it, whether it’s through managing identity or managing applications.” Greg Jones, vice president of business development EMEA at Kaseya, adds that resellers need to have many conversations with customers covering various topics. “This includes data protection and privacy,
34
Powered by FlippingBook