Who is responsible for SaaS Security? This presentation includes insights from Forrester demonstrating a clear disconnect between vendor and customer expectations.
2. SaaS applications are here to stay
The increasing
popularity of
BYOD
The spread
of Shadow IT
practices
The anytime,
anywhere,
any-device
workforce
The flexibility
of information
access
3. This proliferation of SaaS results in the need for
a firmer grasp on security responsibilities
4. of SaaS security responsibility
is outpaced by adoption
Understanding
6. 86% of IT professionals believe SaaS, IaaS, PaaS
vendors bear the security responsibility
However, the Cloud Security Alliance
guidance version 3.0 agrees:
“When data is transferred to a cloud, the
responsibility for protecting and securing
the data typically remains with the
collector or custodian of that data.”
7. IT is complacent with their current
security protections
– And that’s a mistake
8. By design, customers do not control
their cloud provider’s environment
Network
security
Configuration
control
Identity
& access
control
9. Perimeter and endpoint protections are ineffective
because they are not designed with SaaS in mind
VPN
Encryption
Firewall
10. IT is struggling with SaaS deployment security issues
57% agreed that endpoint
controls don’t work when users
access SaaS applications from
unmanaged devices
62% agreed that there is
inadequate insight into
good vs. bad behavior
12. Approach to adaptation to this
new IT era:
Consider standard-based, seamless
protection integration
Treat security as a shared responsibility
Embrace behavioral analytics to
detect potential threats
13. Key recommendations to
protect your digital assets:
Address evolving risks
Evaluate protection gaps
Look for SaaS-focused solutions
14. Download our latest whitepaper
A Forrester Consulting Thought Leadership Paper
Commissioned By Adallom
“SaaS Adoption Requires
A New Approach To Information Security”