Driven by rapid digital transformation and accelerated growth in remote working, cloud application use is exploding. SaaS tools bring productivity benefits but vastly increase the risk from attacks, insider threats and accidental data leakage.
Sapphire deploys progressive solutions to give security teams visibility and control of this fluid attack surface. By unifying an organisation’s cloud-application based risk into a single platform, connected assets can be monitored and managed centrally. This reduces risk while also minimising resource outlay.
Vigilant: Enjoy both a macro and granular view of activity on any connected asset in your organisation. Understand everything from individual user actions in Microsoft Office 365 or Google Workspace to shadow hardware and applications.
Tailored: Apply custom-made policies and controls to cloud application use mapped to your security posture. Modify and optimise privileges to get the best out of cloud applications while mitigating risk.
Integrated: Integrations reduce the threat from phishing, malware, account take over and business email compromise in cloud applications.
Some of the significant cloud application security issues experienced by many organisations include the following.
In many organisations, misconfiguration is a significant cause of cloud data breaches. For example, ensuring elements like access controls are correctly configured is crucial to make sure data extraction doesn’t take place through exposed dashboards, portals and other interfaces. Across the board, organisations should make sure not to trust the default configurations from CSPs, and secure cloud deployments in a manner tailored to the specific organisation.
APIs are a common point of attack. While being easy to use and generally well-documented in an attempt to make them easy-to-use, they can also be vulnerable if not set up correctly.
Having visibility of all cloud-based assets is not straightforward, given their number and ease of deployment. Specialist controls are crucial to providing an overview of these and mapping them to policies.
Weak password security has hindered organisations for as long as they have been in existence. The Cloud doubles down on this issue, putting everything from technical infrastructure to crucial applications within reach of a stolen password unless multi factor authentication is utilised.
Most Cloud Security Providers have a range of native security functions to protect their customers, however, many prefer to augment this with their own specialist controls. These typically include and not restricted to:
A Security Information and Event Management tool is a valuable way of centralising the data from separate controls into a single point of access. This can be crucial for managing and triaging events in a busy environment. Given the complexity of the cloud and the plethora of data points, a central collection and visibility tool is important to effective decision making.
Most cloud security compliance standards require companies to have a way of tracking and recording intrusion attempts. If you want your organisation to meet compliance standards, including HIPAA and PCI, using IDS event logging solutions is necessary.