The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization’s data is a difficult task. Understanding the risks that SaaS applications pose is just as important, but it can be challenging to secure what cannot be seen.
Many organizations have implemented access management solutions, but these are limited in visibility to only pre-approved applications. The average medium-sized organization has hundreds, and sometimes thousands, of SaaS applications that have been adopted by employees who needed a quick and easy solution or found a free version, completely bypassing IT and security. This leads to a significant risk as many of these applications do not have the necessary security and/or compliance standards and yet, they have permissions into the organization.
⚡ Wing Security recently announced that it is making its SaaS application discovery engine available as a free, self-service product. The tool is designed to help companies identify risky SaaS applications that have been adopted by employees without following company policy.
Democratizing SaaS Discovery
The risks associated with SaaS Shadow IT have become more prevalent in recent years due to the widespread use of SaaS within organizations. However, many of the security solutions that were available in the past focused on making security teams aware of the problem, rather than providing in-product or automated remediation capabilities. Indeed, the first step in addressing SaaS-related risks is to have a clear understanding of the SaaS stack in use within the organization. This information should be easily accessible and just as simple to navigate as the SaaS applications themselves.
To help security teams gain proper visibility and understanding of the risks associated with the growing use of SaaS, Wing Security (Wing) has decided to offer its SaaS Discovery tool as a free, self-service product, as can be seen here. The company aims to provide security teams with a comprehensive view and better understanding of the SaaS applications used within their organization, regardless of their size or the size of their budget.
images from Hacker News