Webinar Recording

A Comprehensive Approach to Solving SaaS Complexity


Log in and watch the full video!

As businesses adopt cloud-based services as part of digital transformation programs to enable flexible working, boost productivity, and increase business agility to remain competitive, many IT and security teams are finding it challenging to gain oversight and control over the multitude of Software as a Service (SaaS) applications. Join security experts from KuppingerCole and Axonius as they discuss how to address common security challenges around SaaS such as a lack of visibility of applications and internal and external threats. They will also look at managing risk and explain how to go about delivering security that can drive and enable business growth.

Richard Hill, Senior Analyst at KuppingerCole, says security starts with an understanding of what IT assets require protection. He will therefore cover the importance of asset inventories, connections to IT applications and services options, compliance, and automation of policy enforcement. Amir Ofek, CEO of Axonius, will explore the key SaaS challenges, the pitfalls of existing approaches to solving them, and how both business value and risk management needs can be addressed in a single comprehensive solution that can also help optimize licensing and spend.

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package  
Hello. My name is Richard Hill. I'm a lead Analyst at Cooper, Nicole. And today we're having a webinar about a comprehensive approach to solving SaaS complexity. This webinar is supported by Exxons and joining me today is a mirror effect from who's a CEO of axons. And before we start, here's some information and some housekeeping notes, and then we'll jump into today's webinar. Now for some housekeeping, everyone is automatically muted. So there's no need to worry about muting yourself. We'll be running some polls during the webinar, which we'll be sharing results shortly afterwards, and we'll be recording the webinar and both the recording and the slides we'll be available on the Cooper Nicole's website. In addition, we'll save some time at the end for questions and answers. The goal to meeting control panel has an area where you could type in your questions at any time. And, and we'll answer those during that Q and a session at the end with that, let's look at the agenda for today. I'll start out by talking about it assets and the importance of having asset inventories, how to connect to those applications and service options, as well as compliance automation and policy enforcement. And then I'll turn over the webinar to Amir who will explore key SAS challenges, some existing solution pitfalls in how axons can address the shortcomings with their single comprehensive solution. Finally, as I mentioned, we'll save some time at the end for the question and answer session.
So moving on to my presentation, so I thought we'd start off, you know, why and how we got to where we are today. Cause I often get asked the question, you know, why do we need asset management? So I traditionally there was
Where the work environment consisted mostly of desktop computers and landline phones and traditionally office environments. Their it assets consisted mostly just desktop computers, operating systems like windows and OS patches and layered on top of each other. And later gold images of those desktop operating systems were used to provide that good known state of the OS, but it still required patching. And that patching became on a regular schedule, which was known as patch Tuesday. And these environments primarily were on premise and centralized. And then as mobile phones became more economically available, laptops, tablets, computers replaced, many of those stationary desktops and additional types of operating systems begin to expand including Android iOS, for example, and also businesses could control their employees, devices regarding its operating system and software applications that used and as well as the security controls and when the device was within that perimeter of the organization and the tools to control the devices were things like MDM and we'd control the life cycle.
But you know, there, there was that idea of the mobile first where the company issued the phone, this was called, you know, Cobo, which is company owned business only. And then later expanded to things like, you know, the company would own it, but it was personally en enabled. And then you had your bring your own device where the companies now had to, you know, track and protect even more different types of mobile assets. And there were many different types of types that it needed to manage. And also the OS deployments and software distribution and patch management of those assets as well.
And then a range of other devices started to show up asset types that expanded past desktops or laptops and mobile phones. And now it included things like printers and IOT devices and wearables like apple watch and even some newer types of devices, which, you know, are virtual, augmented mix reality type of headsets like Oculus or hollow lands. And the office devices begin to show up like virtual assistant technologies were making its way into the enterprise environments. And then, and then started seeing, you know, around the same time that there was this push to use cloud environments and this included private or public clouds, multi clouds with applications becoming available as software as a service or SaaS applications while still maintaining those on-premise environments and its assets there. Also the traditional desktop started to morph now to a virtual desktop, which are now becoming available via cloud. So now you have assets spreading across multiple different environments.
So, you know, what can organizations expect now and into the future, as we've seen over the last couple years due to the COVID 19 pandemic employees have been working in offices. So there are companies and business and personal assets to account for there. And people continue to wanna work from home or anywhere at any time. And we don't see that or expect that to change any time soon. And because of this work from anywhere trend and it transformation projects that are happening is they're wanting to become more efficient and productive. And we'll also see some dependencies on cloud environments and SaaS applications and virtual desktops. As I mentioned earlier, another trend is that convergence of OT and it systems and sharing of that data, industrial IOT collects information in both the business and the operations we wanna share or utilize or benefit from that sharing. So in the future, there may be some assets there to account for as well. And then other areas include, you know, increases of AI or machine learning, analytics, orchestration, automation, vulnerability, mitigation capabilities, and then having this continuous patching. So in the future, you know, really the list of it assets are continuing to grow and how to get a grip on that is really what we're here to talk about today.
So now let's take a minute to look at our first poll, which is on the screen. So this poll, the question, you know, is, is where are your new it assets growing the fastest? Is it on premises? Is it in the cloud? Is it in home offices or all of above? So you should be able to select the polls which have just opened and they'll be opened for a little bit where you could just select your answers there and then we'll move on with our presentation. All right. So we'll move on to our presentation. So what, what kind of assets risk
Can these assets really present or what kind of issues could it provide? So well, not knowing what assets you have is, is probably the first and the, the biggest risk that you have. This could be due to, you know, growing organizations that start tracking with the spreadsheet, but then, you know, it doesn't get maintained or maybe the company has been acquired by another company and now there's merging of assets. And then there's always that shadow it. You know, where the use of it related hardware, software is being used by a department or individual that, you know, it security or it in general, aren't aware of, and this could happen for many reasons, but it leads to unmanaged assets. And also you want to know if your assets are active, inactive, how they're being used and are they accessible, used, and maybe they've been orphaned or forgotten about,
And then assets also have an impact on your security posture, a computer under the desk. That's not being, that's not known about, or maybe it's being used for prototyping or demo, or maybe an IOT device is plugged in for some reason. And these devices might be misconfigured exposing vulnerabilities. Sometimes these types of assets use defaults, which are typically unsecured and not hardened. And then there's compliance, whether it's internal or external regulations of sorts, you still need to be able to meet and pass audits and avoid fines that results. If you don't pass those audits or meet regulations, which is difficult, if you don't, you can't enforce compliance policies on assets and then there's disaster recovery being able to maintain that business continuity. So you, you risk having, you know, sustained down times if you don't understand where the assets reside or where they're at to bring them back up and disaster recovery teams need to know, you know, what are those critical assets? And in order to, for them to plan effectively, they didn't need to know where they are and what they are. So now you risk, you know, not meeting the disaster recovery compliance objectives, so effectively managing assets like computers or mobile devices and applications, et cetera. So in, in summary, organizations should perform a risk analysis to determine the appropriate risk response or mitigation plan that they need to maintain risk monitoring activities as well.
So compliance depending on the industry of your organization is in certain industries where regulatory compliance policies should be enforced at a minimum. There are internal compliance and best practices should be followed to ensure that nothing decreases the performance or quality of your assets or services. External compliance is often called regulatory compliance. It refers to regulation set by some external authority or organization that your company has to follow for things like safety measures or record keeping obligations. So compliance ensures that your records are in order and that you do well in audits. And then it also ensures that your products and services are up to standards and, you know, have acceptable quality to them and listed are some of the guidelines and standards and compliance measures that I found. And as I mentioned earlier, significant risk is stemming from frequent changes that that are unaccounted for, or unexpected fines and penalties and failing to comply.
So ISO is a, could be used as good guideline for internal policies. The N guidelines are also important if you're an organization you're doing business with the us government, but even if you're not, this is a good information for it. Security PCI. If your organization is in the financial industry and GDPR, although it's not specifically called out indirectly, it can be considered when you need to correctly protect data. So knowing what assets maintain that data and where they're located for privacy concerns. So when evaluating an asset management solution, some thoughts should be giving on how you're planning to enforce these compliance policies and how that'll be done.
So let's take our second poll. It's up here on the screen. Again, you could access the polls through the webinar interface. So here I'm asking, you know, what's driving your organization for that need for asset management. Are you trying to improve your security policies? Are you trying to meet certain compliance requirements or you just need to get a handle on where all of your assets reside or even all of above. So let's take a minute and fill that out and we'll leave the poll open for a few seconds to let people submit their answer, and then we'll move on with the presentation.
So we'll, we'll move on. So we'll talk about evaluating asset management solutions. As an Analyst. I, I look at a lot of different features and some of the features that I look at, you know, is, is how do you connect to all these devices and applications or other assets from an asset management solution. And then on the flip side, there may be cases where you want to integrate with the asset management solution to bring it into the it ecosystem, where you may need to be able to access information, et cetera. So some of the options I see when I'm looking at asset management market is, you know, first of all, the most direct way that communication happens is via APIs. It could be invoked directly from the API endpoints, such as making a restful call to the service. And these could be, you know, private APIs or partner APIs, or even public APIs that exposed the service functionality to its customers.
And the use of APIs has grown significantly over the years and useful when orchestrating systems are integrating with other systems. And then next start SDKs or software development kits where developers can use the software library that they drop into their application. And it makes function calls or methods calls to their code, which in turn makes calls to service APIs. And, you know, some of the benefits of abusing that if, if the SDK is applied by the vendor, they should have it tested and certified to be used by their products. And this could save time on the development side, not having to code and test their own stuff. And then there's agents, which is, you know, a bit of code or software installed on systems, applications, devices, and there's been, you know, a longstanding agent base versus agentless approach. And this has been debated for years, which one to use agent or not really depends on a number of factors, which I won't get into here, but other, there, there are some valid reasons to use them either way, but the trend I'm seeing is the use of APIs over agents, and then finally gateways and proxies.
Most often, I see gateways and proxies of some kind. When I look at solutions, primarily when they're solution is, is trying to bridge, you know, a hybrid situation between on-premise and the cloud. And there are cases where this makes sense, depending on the it environment. I just wanted to bring it up here to let you know that this approach is offered by some vendors. So, which integration method should be used really depends on your own organizations, DevOps needs, and should be kept in mind when evaluating asset management solutions.
So some considerations, some considerations you might have or assets, you want to make sure that, you know, the range of the different types of assets, the solution can handle. You wanted breadth of applications and devices and operations operating systems that could support security, understanding, you know, how it fits into your it security environment and how solutions could enforce policies regarding those assets. And then having visibility of that asset information, having it in a centralized, single paying view is desirable. And then, you know, the deployment and delivery models that a vendor could provide, can the solution meet the needs of on premise use cases, as well as cloud and hybrid environments. And, you know, is it delivered as a, you know, software as a service or a container that runs within environments, for example, and then lastly, you know, integration, how well could it, the solution integrate into your current it systems? So these are some of the things to consider when evaluating a solution.
So what are some of the capabilities that are beyond basic asset management? I'll just quickly go through list here. So, you know, asset access. So you want to think about, you know, possibly can the solution show you, you know, here's an asset here's, who's using it. And these are the permissions that they have. That would be very helpful. Intelligence is, is growing in just about every product that I've seen. So being able to discover where those assets are analyzing the assets you have, and then being able to make some recommendation based on a given situation, automation, there's really a strong case for this reducing those repetitive tasks, errors, and then cost, and then remediation. So we talked a little bit about disaster recover and bringing assets into compliance and discovering and reporting on those asset vulnerabilities.
And then finally, you know, what, what are the benefits of having an asset management solution security? You know, you could respond faster to security issues if you know where some of these assets are and, and information about it. Resilience being able to quickly recover from disasters, knowing what you have and where they're at puts you in a better position during a disaster recovery audits, having that ability to see detailed information about these assets would be helpful and then cost savings. You know, you, you could save costs if you know what you have, how many licenses are they being used and then helping it help desk by allowing them to be able to see some information about the assets you have. So I think I'll stop there and I'll turn it over to Amir. Who'll take over the next part of this webinar.
So thanks everyone for, for making the time. I'm Amir CEO of external X. And I'm here to talk to you as following of what Richard mentioned around assets specifically on SA. So as, as was mentioned on the first Paul, and as Richard mentioned at the beginning of the, of the discussion SaaS is, is on the rise. Most of our organizations are shifting to SaaS and therefore there's a growing need for SA security best practices. So I just, a few weeks ago, I, I stumbled across this, this article from, from, from Newsweek, from 1995. So take a minute maybe to, to read the title and, and let's start with that. So this, this article was written by a journalist called Clifford stall, entitled the internet, but why cyberspace isn't and will never be an Irvana. And it predicts that the internet is going to be just a, a passing fad and that it would die within one year.
A few examples that cliff first is, is giving. There are that the truth is that no online database will ever replace your daily newspaper. No C can take the, the place of a competent teacher and no computer network will, will change the way governments work. For example, he goes about also electronic publishing, try reading a book or a disc on, on your PC. It's a very unpleasant chore, myopic and glowing and clunky computer will never replace your friendly book. And then he finally makes a comment around how come his local mall does more business in one afternoon than the entire internet handles in one month. I remind you this was in 95. So of course I could go on and on with, with more examples from the article, but of course they all look very ridiculous in retrospect. So insight is what lets us all look at the, the past and think, well, of course, I, I knew that and insight by us is that concept that we come across all over the place again and again, especially with, with new technologies.
So SA might be something similar, this feeling of, I knew it all along. I knew it all along didn't I is something that comes across when, when we speak about, about SaaS today. So today, when, when security practitioners are thinking about securing SAS versus IAS, of course, that the, the first thing that would jump to their mind is, is their ISAs. However, SAS are these new crown jewels that they may be well in jeopardy today. Something so obvious to take care of when, when you look back, but it's not so obvious today when, when you go through it. So evident of a SA model is by far the major paradigm shift today that, that the it industry is going across. And it becomes kind of a go-to for many, many organizations today who are starting to use SaaS more and more becoming the prevailing mode operation of their licenses of their products.
And it's exploding year by year. So enterprises on average today are using hundreds or even thousands of SaaS applications. Daily. Most of them, they, they don't even know are being used by their employees. And after all the, the SaaS model offers a lot of benefits, you know, like increased flexibility, accessibility, cost, saving ability to try new application, very easily, deploy them. However, it op opens also a lot of issues like increasing complexity of managing your, it, managing your security of all of those various SaaS applications. And here's why I think that the, the case with SaaS is going to be yet another kind of a Clifford stall type story. So let me ask you something today. Do you know how much you spend on SAS applications in your organization? And, and the answer in most organization is that you spend probably 30% more on SAS than you spend on your is.
So you spend more 30% on all of your SAS licenses within the organization. Then you spell it on your AWS. That that's not something that the CTOs find trivial, or they're not thinking about it maybe, but, but that's going to be a major dilemma for all of them. And especially with all of the vast security spend and security modules. So we do believe in Exxon's and with many of the customers that we speak with that, there will be this shift in priority from putting your spend on is security. So securing your cloud infrastructure, and the priority will shift to, to securing your SaaS. And this is very much aligned with a, with a recent survey that we have done. So you can see in this, in this survey, we've asked a few organizations globally and 66% of their organization. Men mentioned that they spent today more on SaaS application than a year ago. So we see this growth on, on SA spend. However, there's a, there's a very strange kind of, I would say desonance where only 34% are worried about cost associated with the rising of SaaS. We found even lower amount of percentage saying that they're putting focus on SaaS security because they have limited security, limited resources and limited time. So this gap between the growth and the complexity of SaaS deployment versus the need to secure them and to manage them is just growing. And that gap will need to be breached sooner than later.
So recent SAS incidents have also been on the rise. We have seen recent breaches with Okta, with GitHub, with various Atlassian products. Slack recently was hacked as well. Twilio last fast. So hackers definitely already identified SaaS is being that place where they can actually access crown jewels very easily. This place that is going unprotected unnoticed by a lot of organizations. And we see by according to this CSA CSA report that in 2022, fixed 63% of security incident were caused by SaaS applications. Misconfigurations. So that's not a, a kind of something that can go unnoticed or can go kind of oversight. 43% of their organizations mentioned that they dealt with at least one security incident that was related to a SAS app. So this is something that is here and it's here to stay and it's here to grow. And that's why we are actually tackling cyber security from the SAS management perspective with our, with our new offering.
So how SaaS management challenge is being addressed. We, we like to look at it in, in three different dimension. First is in terms of breadth, in terms of the amount of SaaS applications that you need to, to address that you need to, to support and that you need to secure. Secondly, is depth how deep you go within each and every SaaS application to ensure that the right protection is being in place. And last is in context. So making sure that you really give the attention to the most important users or to the most important SaaS applications or to the most important spend in the context of your business. So this is the maturity model that we have built in Exxon's for, for SAS management first level, as I mentioned, breadth, here, we answer questions like show me all of my apps, which apps are actually deployed within the organization.
And we do that through discovery, discovering all of the inventory of both the known and unknown SaaS applications discovering the shadow SaaS application dimension. Gartner has a couple of categories in this domain. One is with CASB, the other one with S P and, and they cover only that perspective. So for example, under breath, CISOs ask themselves which shadow SaaS applications are employees using the second layer. The second level is depth. Show me the details, the details of configuration configuration of each and every SaaS application, how their settings are done on MFA on password policy, on file sharing, et cetera. And here there's a new evolving category that Gartner named SSPM SAS security poster management correlating with CSP M cloud security, posture management. And this is the shift that we are seeing from the ISAs poster management and risk monitoring and compliance monitoring to the SAS dimension of things.
Again, as Richard mentioned before, when it comes to asset management, the compliance perspective, the risk perspective is a very crucial factor and this level of depth and configuration of those SAS applications addresses that compliance perspective. So here, for example, CISO would ask himself or herself do my CRM permissions, let reps, sales reps, export customer data to other applications or outside of the organization. The last layer is around context. Show me really what matters here we bring into, into place strong correlations correlations that help connect between various applications. How applications are interconnecting with one another. How is the dimension of cost in implicating various applications? How do I monitor behavior of users across applications? And this is the unique layer that we bring in Exxon's with our SAS management product. That basically goes all the way from the bottom, from the breadth and discovery through the depth and configuration mapping, but also bring you all the capabilities around the context of the findings of those SaaS applications. So all in all, that's what we, we couple under the umbrella of our product. And we think this approach of tackling all of those layers and all of those levels of SaaS management under one product is actually what companies will be looking for and already are.
So axon SA management is, is the, this comprehensive approach that brings both the business value that has to do with the managing users, onboarding, onboarding cost perspective, et cetera, as well as the risk management that security teams care about all in one place. So how do we do it? We do it through first foremost discovery. So we discover all applications and build this kind of connectivity map of interactions between those SaaS applications across the organization. Then we identify misconfigurations and data security risks per each of the SaaS applications. And finally, we deliver insights. We deliver insights on the context of user behavior on the context of integration between SaaS application, data flows, et cetera, the complete Exxon solution takes a very unique approach to this, to this need. We solve all of the SA challenge challenges for both security teams. It teams, as well as risk teams and finance teams, all in one platform, we give full context to all assets, all assets that have to do with all SaaS dimensions. And we built it through leveraging on our long-term history of API based approach of having over hundreds of SaaS con what we call adapters or API connectors that help monitor all of those SaaS applications without the need to deploy any agent or scan the network.
So thank you for, for this, for, for, for listening and for this kind of attention on the emerging space of SAS management. And by that, I guess we'll, we'll open to Q and a
Thank you. So now we'll move on to the poll results.
No surprises here.
Yeah. Quite a bit. Moving to the cloud. That's what we'd expect. So the need to improve, it looks like all the, all of the above. So security posture compliance requirements, and getting a handle on where your assets are and then there's some emphasis on the security posture. Okay. So let's move into the question and answer section questions are, so what is the process for finding what you consider to be shadow SAS applications? Is it different than CASB solutions?
Yeah, so I can, I can maybe take that. So, so as I mentioned before, CASBS have been around for quite some time and they, they address very well that bottom layer that I mentioned around breadth. So CASBS deploy and help kind of scan the network, usually deployed by agents and monitor basically all of the traffic relying on the traffic. However, we believe that there's also additional elements of discovery that can be done without just connecting to the network itself. For example, monitoring expense systems, to see what employees have been purchasing around SaaS applications and other aspects. So CASB can be a great source as a baseline, but it's not the only one. And CASB is just go as far as doing the discovery piece, but not going so much into the depth of each and every SAS applications monitoring the security settings, the configurations, and then also bringing the context of things. So if you really want to have a comprehensive view on your SAS management, usually a CA B is not enough in case you have a CA be deployed, you can easily leverage it, but it's not enough to give you the full view of, of all of the use cases that you need to address when it comes to SaaS security and SaaS management.
Okay. Thank you. So the next question is, you know, when it comes to misconfigurations and setting monitoring that you talked about earlier, do you think focusing on the most critical applications like Salesforce or Microsoft 365 is enough, or what is the right approach here?
Yeah, so of course your most critical applications are the ones that hold most crucial data and that most employees access definitely would be your Microsoft, your Google workspace, your Salesforce, your Workday, et cetera. However, that's not enough first and foremost, you need to have a good, a good sense of your shadow SaaS applications or your shadow, SaaS it, your shadow. It is actually the more, more concerning, or the more risky area where you have applications that are used by employees randomly without the proper, proper security measures in place. Probably. So that actually is an important piece of your security program, where you really need to know what employees are using in their organization. And then you might come across identifying some applications that look less important or being used by less, less amount of employees, but do have access to sensitive data like financial data or PII data or IP data within the organization, whether it is marketing applications or finance applications, or HR applications, or various development applications that have access to sensitive data where you should actually monitor and you should actually secure. So I would say don't just focus on your top two, five applications that are the most straightforward ones, because that's what also threat actors would expect you to do, but actually do have a good sense on all of your SaaS footprint within the company and make sure that you monitor any application that has a potential risk associated with it.
Okay, great. The next question is you mentioned cost optimization of SaaS as one of your essentials for SaaS management solutions. Could you elaborate a bit more on that and give some examples to understand how it works?
Sure, absolutely. So, so as I mentioned before, SaaS spend is a hefty budget line item that many CTOs CIOs even CFOs not do not recognize. So a lot of companies spend a lot of money more than they do on their cloud licenses on the total SaaS licenses that they consume. And there's a huge potential for cost saving there, for example, redundant SaaS application. So we tend to see various departments within the organization, each one, choosing its own flavor of the day of a task management application, or even sometimes multiple HR applications, multiple project management presentation, et cetera, cetera, because of the abundance of SaaS applications. We, we tend to see organizations using multiple ones instead of optimizing the cost through an enterprise license of maybe just one. And that's a very easy place to, to start when, when you go about saving your SaaS licenses, another aspect that we see quite often is a lot of inactive users.
So a lot of companies tend to have a large portion of their Okta, of their Microsoft licenses or of their Salesforce licenses, Workday, et cetera, which are very, very costly licenses going and being spent on inactive user users that are not actually accessing the application. And that's an immediate source of saving that you can, that you can remove. Then another maybe goal is users not using the correct license scheme. So users that are using their own personal license because they kind of submitted the, the application on their own, not leveraging the enterprise license that the company has. So that's another common sense. And maybe the last, the last point is also managing renewals. So we know that with SAS, it's very hard to manage the renewals. Usually you just get it in re you get the increase of the, of the, of the license in retrospect. But if, you know, ahead of the, of the game that the renewal is coming and the potential cost that you would like to reduce their potential reduction in the amount of seeds, et cetera, you can probably manage better the E efficiency of usage and, and the predictability of your spend spent.
All right. That another question is, is, do you see any specific industry more concerned about SaaS security issues these days?
I, I would say that we see SaaS being deployed across multiple industries, but if I had to pick one that we see is made actually a most dramatic shift. So for example, with eCommerce companies or companies that we're used to have a lot of cloud-based activity online, definitely for them SaaS is the reality of the day. But I think the most interesting shift that we see, especially in C is with industries that have moved from being kind of a hundred percent on-prem to be almost a hundred percent cloud, almost a hundred percent SAS. One of those is, is the healthcare industries. So we see today actually, a lot of healthcare companies being kind of challenge with the fact of shifting from being a pure on-prem to, to being a SaaS first type of business COVID was of course, a huge catalyst to that think about, you know, going to the doctors these days, you do it over zoom, you do it over chat longer the days where, where you need to go to the doctor physically, and you can, you can access a lot of healthcare aspects today online.
And a lot of those companies are being challenged because they were used to be very much in control, very much centralized manage all of their very sensitive customer data. And now it's kind of being opened up so dramatically. So we see a lot of focus on SAS security coming from the healthcare industry. We're already interacting with some, some very large government customers we're interacting with online healthcare companies, health insurance companies, and many, many others. We also applied HEPA. So Exxon's recently was accredited by HEPA and we apply also monitoring of HEPA compliance across SA configurations, all because we see, we see that the trend growing, becoming a major focus for, for healthcare companies. So that, that definitely, I would say an industry that stands out in that respect.
I see one last question. So which misconfigurations cause the most issues for organizations and how can you be sure it's remediated?
Sure. So, so first it really depends, you know, every organization can have a misconfiguration in a different type of application, different type of impact. So I think the answer to that would be first, you need to prioritize in the right context, all of your applications and, and then dwell into each application to understand which misconfiguration has the most impact. But the most common ones that we see are of course, MFA being disabled for some random reason and forgotten open, we see kind of a potential access to file sharing that is being too too much, too much open. And those are probably very common ones. We see excessive user permissions, sometimes users granting being granted admin permissions for no reason the way to control it is first to monitor to first get the visibility on it. So first you, you don't know, you cannot act on something if you don't know about it.
So I would say the first thing that you need to know is make sure that on all of your top applications that, you know, have access to sensitive data or sensitive information or sensitive users, you need to make sure that you monitor their configurations on an ongoing base. The moment you monitor it on an ongoing base, of course it can only be done automatically not manually. Then you can flag out any shift from your baseline. You need to kind of first set your baseline. So kind of, for example, your baseline should be MFA enabled in the moment it shift with any one of your users, you should get a flag auto, automatic flag out on that and address it immediately. That's probably the, the way, the way really to do it and, and make sure also that by that ongoing monitoring, you also meet compliance standards and, and auditing best practices.
Okay. So we've come to the end of the question and answering session and Amir, thank you for your presentation. It was very insightful. Thank you. And thank you, the participants for joining and thank you for coming today.

Stay Connected

KuppingerCole on social media

Related Videos

Webinar Recording

Multi-Cloud Permissions Management

Most businesses are adopting cloud services from multiple providers to remain flexible, agile, efficient, and competitive, but many do not have enterprise-wide control over and visibility of tens of thousands of cloud access permissions, exposing the enterprise to risk of security breaches.

Webinar Recording

Effective Identity Access Governance in Hybrid SAP Environments

Increased cyber threats and regulatory requirements for privacy and security make staying on top of user roles and access rights in hybrid IT environments more important and challenging than ever, which means it’s important to understand the real risks and how to mitigate them…

Event Recording

Panel | Protocols, Standards, Alliances: How to Re-GAIN the Future Internet from the Big Platforms

In talking about a "Post Platform Digital Future", it is all about a Vision, or better: mission to not let the current platform dominance grow any further and create the foundations for a pluralistic digital society & business world where size would not be the only thing that matters.…

Event Recording

Enhancing Cloud Security Standards: A Proposal for Clarifying Differences of Cloud Services with Respect to Responsibilities and Deployment

Widely used cloud security standards define general security measures/controls for securing clouds while not differentiating between the many, well-known implementations that differ with respect to the Service and/or Deployment Model they implement. Users are thus lacking guidance for…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00