Recapping Our Recent Webinar on the Unique Challenges of SaaS Security

Huge tech companies like Microsoft, HubSpot, and Okta have all been victimized by SaaS cyber attacks so far in 2022. Whether your operation is big or small, securing a cloud-first environment can be a tough task, especially as employees are increasingly less likely to be tethered to work computers and office environments. 

But it’s also no secret that remote work is a lot more convenient for employees. Remote-first work environments can also be a huge competitive advantage for your business. To nobody’s surprise, organizations around the world have put a lot of thought into how to secure a growing SaaS stack in an increasingly asynchronous work environment—all while enabling remote workers to be successful in their jobs from wherever they’re located.

In our latest webinar, BetterCloud’s former Chief Business Strategy Officer Shreyas Sadalgi talked shop on the unique challenges of securing SaaS apps with a couple of experts, including:

• Andras Cser, Vice President and Principal Analyst, Security and Risk Management at Forrester Research 
• Harsha Nagaraju, Director of Product & Solutions Marketing, Security at VMware

Here are some of the key takeaways from their conversation. If you want to watch the conversation in full, click this link to check it out. 

What issues are most vexing in SaaS? 

On what feels like a daily basis, we see reports of data breaches at some of the most respected companies on the planet. While data protection was difficult enough when we were all commuting to the office, Cser and Nagaraju say the challenges have been exacerbated by the uptick in remote work.

“Most of these challenges probably were not big problems when everyone was in headquarters,” Nagaraju adds. “Now, employees are infinitely more likely to be sharing company files over Slack on coffee shop Wi-Fi, or at a friend’s house. ‘Everywhere organizations’ are becoming the new normal.”

Many of the challenges Nagaraju outlined have been discussed ad nauseum—and for good reason. What’s striking to us, however, is how much more difficult it is to determine how much you can trust a device that’s requesting access to your environment. The number of potential vectors has grown exponentially as remote work explodes—and it’s clear that data protection will continue to be a top priority for IT teams everywhere.

Who’s especially likely to put your company at risk? 

Cser stresses that people he calls movers – veteran employees who have moved within the company for a long time – are especially likely to become liabilities to bad actors because they’ve accrued access to a lot of different corners of your infrastructure (which they may no longer need in their current roles). “We’ve seen some instances where this was used as a springboard for hackers or internal threat actors,” Cser says. 

In response, Sadalgi recommended ranking your most important admins so it’s easier to identify the select few who get certain kinds of access. All this is good practice for IT departments regarding SaaS, but how do you pull it off in real-time?

This brings us back to the challenge that necessitated webinars like this roundtable conversation with Sadalgi, Cser, and Nagaraju. How the heck can you apply some of the best practices they recommended? Spoiler alert: This is where we talk about the critical role your SaaS management platform (SMPs) plays in securing your SaaS environment.

“[BetterCloud] recognized this as a company early on, when SaaS became a thing ten years ago,” Sadalgi says. “[We recognized] that IT would require new tools to maximize the business value.” Lately, the pace has accelerated to where manual SaaS data protection is all but obsolete, with automation the only game in town.

How can you stay on top of all these SaaS apps? 

Many IT teams have struggled to answer this question over the last few years. This is just one of several reasons why we’re excited to announce BetterCloud’s newest collaboration with VMWare. 

VMware SaaS App Management Powered by BetterCloud is the most up-to-date control station for what’s keeping IT up at night. It’s out now, available as a VMware product add-on to Workspace ONE and Horizon. If you’re looking for a way to wrangle your apps into one place, this has you covered. 

In addition to announcing this new partnership, Sadalgi wrapped up the session by taking questions from the audience. Here are just a few snippets from the Q&A portion of the webinar:

• The evolution of SaaS exposed the gaps in SaaS management. “Misconfigurations and gaps happened because there’s no telemetry that was made available until now,” Sadalgi added. “And that’s something that has happened because the SaaS industry and every SaaS application has matured and exposed those APIs in the first place.” 
• A complementary approach to SaaS security. Sadalgi says that the obvious solution to the most common gaps in SaaS management is a complementary approach driven by a SaaS management platform like BetterCloud. “Once you actually get inside the SaaS application, misconfigurations and gaps happen because there’s no telemetry that was made available until now,” he continued. “SaaS operations platforms like BetterCloud are best suited to solve that challenge [through zero-touch IT automation].”

Want to see how BetterCloud can help you get control of your SaaS environment before it controls you? Schedule a demo.