Glass Class - The Security Gaps in Your SaaS Applications
Hi, I'm Chris Hines, product marketing manager here at Bitglass. Thank you for joining Glass Class. Today I'll be talking about SaaS holes, these massive gaps that exist within public cloud applications, applications like Office 365, Google Apps, Box, and Salesforce.
The first gap that I want to talk about is something that we call identity sprawl. Identity sprawl is essentially when there are too many passwords for a user to remember. What happens is it actually increases the attack surface that hackers can use to get into a system.
A common solution here in terms of security would be a single sign-on solution. Here at Bitglass, if our customers don't have an SSL solution already, we can actually provide one ourselves and link with our Active Directory.
The second SaaS hole that we want to talk about is suspicious activity. An example of this is if Rich accesses a spreadsheet from San Jose and then five minutes later it says that Rich accessed Salesforce and accessed that same data from Eastern Europe, there should be some kind of alert that the IT team gets. There's obviously some kind of anomalous behavior that's taking place in an organization. Public cloud applications have no way of providing that.
Here at Bitglass we do a few things. We can watermark and track data. Any time it's opened it actually pings back to our portal, alerting the IT team of an open event.
The third SaaS hole that I would like to talk about is something called cloud DLP or data leakage prevention. What happens here is at Bitglass we allow, based on the sensitivity of your data, we can simply track data, we can encrypt it, we can DRM it, or we can block it altogether from coming down to things like mobile devices. If you are a healthcare organization or a financial services organization and you have to comply with things like HIPAA or PCI, DLP becomes extremely important. This is something that public cloud applications aren't doing.
The fourth and last SaaS hole here is lost mobile devices. As you know, BYOD is extremely common. About 50% of organizations use BYOD. In healthcare specifically, about 68% of all healthcare breaches actually stem from lost mobile devices, devices that have sensitive company data on there and end up being lost or stolen. Obviously this puts sensitive data at risk.
All four of these, identity sprawl, suspicious activity, DLP, and lost mobile devices, are holes that exist within public cloud applications that need to be filled. The role of a cloud access security broker (CASB) is to fill those holes. I'm Chris Hines, product marketing manager here at Bitglass. Thank you for joining Glass Class.