7 top tips on how to secure your SaaS applications
All organisations using SaaS (Software as a Service) need the right processes and tools in place to secure the data housed in their SaaS applications, and to keep it secure.
SaaS applications now house enormous amounts of sensitive data and run critical business processes. As the footprint and complexity of an organisation’s SaaS environment grows, its exposure to risk increases.
The ideal solution should leverage the latest controls and security features without adding workload or requiring new in-house expertise. It must also offer a quick and simple path to remediation and integrate seamlessly with existing processes and technology.
Before acting on these tips, it is prudent to identify where your current configuration stands. The SaaS security assessment from Peritus Cloud Security enables customers to easily review current configuration, critical misconfigurations, internal and external data exposure and compliance risk.
John Wheelan, Senior Director of Product Management at AppOmni, leaders in SaaS security, has shared his 7 top tips with us on how to secure the SaaS environment.
1. Close critical configuration gaps. Some 55% of companies have sensitive data exposed to the internet, and misconfiguration is often to blame. The configurability that makes SaaS apps so powerful is also a weakness if not closely monitored. Get better visibility into the configurations of your SaaS platforms, beginning with those that house the most sensitive data and have the largest number of users. Consult best practices from the Cloud Security Alliance and other experts and close those configuration gaps.
2. Disable legacy authentication methods and protocols. The majority of compromising sign-in attempts come from legacy authentication, which does not support multifactor authentication (MFA). Even if you have an MFA policy enabled on your directory, a bad actor can authenticate using a legacy protocol and bypass MFA. The best way to protect your environment from malicious authentication requests made by legacy protocols is to block these attempts altogether.
3. Enforce higher security authentication requirements. An account is 99.9% less likely to be compromised if you use MFA.
4. Analyze and monitor conditional access rules. Attackers often make modifications to conditional access rules to open access permissions further or implement exception rules. Since these rules can be nested and complex, it's important to validate rules and enable continuous monitoring. Keep an eye out for any changes and IP block exceptions.
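The continuous monitoring described in tip 4 can be as simple as comparing the approved set of rules against the current set and flagging the changes that widen access. The following Python script is an added example, not code from the original article, AppOmni or Peritus; it uses a constructed, vendor-neutral policy schema (policy state, grant controls, excluded groups, excluded IP ranges) rather than any specific SaaS platform's API, and the two snapshots are hypothetical.

```python
"""Flag risky drift in conditional access rules between two snapshots.

Each snapshot is a dict keyed by policy name. The schema is a simplified,
constructed one for illustration (hypothetical; not a vendor's real API).
"""
from typing import Dict, List

Policy = Dict[str, object]

# Constructed baseline: the reviewed and approved state of the rules.
BASELINE: Dict[str, Policy] = {
    "Require MFA for all users": {
        "state": "enabled",
        "grant_controls": ["mfa"],
        "excluded_groups": ["break-glass-admins"],
        "excluded_ips": [],
    },
    "Block legacy authentication": {
        "state": "enabled",
        "grant_controls": ["block"],
        "excluded_groups": [],
        "excluded_ips": [],
    },
}

# Constructed current state, as it might look after unreviewed changes:
# a new group exception, a new IP exception, and one policy switched off.
CURRENT: Dict[str, Policy] = {
    "Require MFA for all users": {
        "state": "enabled",
        "grant_controls": ["mfa"],
        "excluded_groups": ["break-glass-admins", "contractors"],
        "excluded_ips": ["203.0.113.0/24"],
    },
    "Block legacy authentication": {
        "state": "disabled",
        "grant_controls": ["block"],
        "excluded_groups": [],
        "excluded_ips": [],
    },
}


def diff_policies(baseline: Dict[str, Policy], current: Dict[str, Policy]) -> List[str]:
    """Return one finding per change that loosens the approved baseline.

    Only access-widening changes are reported: removed or disabled policies,
    dropped grant controls, and newly added group or IP exceptions.
    """
    findings: List[str] = []
    for name, base in baseline.items():
        cur = current.get(name)
        if cur is None:
            findings.append(f"{name}: policy removed")
            continue
        if base["state"] == "enabled" and cur["state"] != "enabled":
            findings.append(f"{name}: policy no longer enabled ({cur['state']})")
        removed = set(base["grant_controls"]) - set(cur["grant_controls"])
        if removed:
            findings.append(f"{name}: grant controls removed: {sorted(removed)}")
        # Exceptions are nested inside each rule, so compare them field by field.
        for field, label in (("excluded_groups", "group exception"),
                             ("excluded_ips", "IP exception")):
            added = set(cur[field]) - set(base[field])
            for item in sorted(added):
                findings.append(f"{name}: new {label} added: {item}")
    for name in current:
        if name not in baseline:
            findings.append(f"{name}: new policy not in approved baseline")
    return findings


if __name__ == "__main__":
    for finding in diff_policies(BASELINE, CURRENT):
        print(finding)
```

Run on a schedule against an export of the live rules, this turns "keep an eye out for any changes" into a concrete alert: each finding names the rule and the specific exception or control that changed, which is what an approver needs to decide whether the change was authorised.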
5. Assess third-party access. Third-party integrations and applications are often installed with high-level permissions and can be conduits for horizontal privilege escalation to other SaaS systems. Verify that third-party access and applications have been reviewed, approved, and are actively in use. To lower your risk of a third-party compromise, grant permissions and data access to third-party apps following the principle of least privilege and withdraw access as soon as it's no longer needed.
6. Identify public and anonymous data access permissions. Least privilege access offers you better protection as ransomware attacks proliferate and the tool sets to execute attacks are more broadly distributed. Data access modeling and third-party app analysis can help identify exposure points to the public internet, allowing you to better protect all datasets.
7. Monitor for anomalous user activity. Watch for password spraying and excessive failures. Monitor for compromised accounts in threat intelligence feeds. The faster you can spot unusual activity, the faster and better you can respond and limit the damage.
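Tip 7 names two patterns worth detecting in sign-in logs: password spraying (one source trying a small number of passwords against many accounts) and excessive failures against a single account. The following Python script is an added example, not code from the original article, AppOmni or Peritus; the log line format and the sample entries are constructed for illustration, and the window and threshold values are assumptions to be tuned for a real environment.

```python
"""Detect password spraying and excessive sign-in failures in sign-in logs.

Log format is a constructed, hypothetical one:
    <ISO-8601 timestamp> src=<ip> user=<account> result=<SUCCESS|FAILURE>
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) result=(?P<result>\S+)$"
)

# Constructed sample: one source spraying five accounts and then succeeding
# on a sixth, one account hammered repeatedly, and one benign retry.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z src=198.51.100.7 user=alice@example.com result=FAILURE
2024-05-01T10:00:03Z src=198.51.100.7 user=bob@example.com result=FAILURE
2024-05-01T10:00:05Z src=198.51.100.7 user=carol@example.com result=FAILURE
2024-05-01T10:00:07Z src=198.51.100.7 user=dave@example.com result=FAILURE
2024-05-01T10:00:09Z src=198.51.100.7 user=erin@example.com result=FAILURE
2024-05-01T10:00:11Z src=198.51.100.7 user=frank@example.com result=SUCCESS
2024-05-01T10:01:00Z src=192.0.2.44 user=grace@example.com result=FAILURE
2024-05-01T10:01:20Z src=192.0.2.44 user=grace@example.com result=FAILURE
2024-05-01T10:01:40Z src=192.0.2.44 user=grace@example.com result=FAILURE
2024-05-01T10:02:00Z src=192.0.2.44 user=grace@example.com result=FAILURE
2024-05-01T10:02:20Z src=192.0.2.44 user=grace@example.com result=FAILURE
2024-05-01T10:02:40Z src=192.0.2.44 user=grace@example.com result=FAILURE
2024-05-01T10:05:00Z src=192.0.2.99 user=heidi@example.com result=FAILURE
2024-05-01T10:05:30Z src=192.0.2.99 user=heidi@example.com result=SUCCESS
"""

Event = Tuple[datetime, str, str, str]  # (timestamp, src, user, result)


def parse(log: str) -> List[Event]:
    """Parse log lines; malformed lines are skipped rather than crashing the job."""
    events: List[Event] = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["src"], m["user"], m["result"]))
    return events


def detect_spray(events: List[Event], window: timedelta = timedelta(minutes=5),
                 min_users: int = 5) -> List[Dict[str, object]]:
    """One alert per source whose failures hit >= min_users distinct accounts
    inside the window. Successful sign-ins from that source after the spray
    started are listed, since those accounts need immediate review."""
    by_src: Dict[str, List[Tuple[datetime, str]]] = defaultdict(list)
    for ts, src, user, result in events:
        if result == "FAILURE":
            by_src[src].append((ts, user))
    alerts: List[Dict[str, object]] = []
    for src, fails in by_src.items():
        fails.sort()
        for i, (start, _) in enumerate(fails):
            users = {u for t, u in fails[i:] if t - start <= window}
            if len(users) >= min_users:
                successes = sorted({u for t, s, u, r in events
                                    if s == src and r == "SUCCESS" and t >= start})
                alerts.append({"src": src, "distinct_users": len(users),
                               "window_start": start.isoformat(),
                               "later_successes": successes})
                break  # one alert per source is enough
    return alerts


def detect_excessive_failures(events: List[Event],
                              window: timedelta = timedelta(minutes=5),
                              max_failures: int = 5) -> List[Dict[str, object]]:
    """One alert per account with more than max_failures failures in the window."""
    by_user: Dict[str, List[datetime]] = defaultdict(list)
    for ts, _, user, result in events:
        if result == "FAILURE":
            by_user[user].append(ts)
    alerts: List[Dict[str, object]] = []
    for user, times in by_user.items():
        times.sort()
        for i, start in enumerate(times):
            n = sum(1 for t in times[i:] if t - start <= window)
            if n > max_failures:
                alerts.append({"user": user, "failures": n,
                               "window_start": start.isoformat()})
                break
    return alerts


if __name__ == "__main__":
    evs = parse(SAMPLE_LOG)
    print("spray:", detect_spray(evs))
    print("excessive failures:", detect_excessive_failures(evs))
```

The two detections deliberately key on different things: spraying is invisible per account (each account sees only one failure) and only shows up when failures are grouped by source, whereas a brute-force attempt on one account is invisible per source if it comes from many addresses, so it is grouped by account. The `later_successes` field is the part that speeds up response: a source that sprayed and then logged in successfully points straight at the account to lock and investigate.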
Peritus Cloud Security have partnered with AppOmni to offer customers the SaaS Risk Assessment which gives full visibility into their application and SaaS ecosystems. Contact us today to find out more.