Misconfigured software-as-a-service (SaaS (opens in new tab)) solutions are putting companies at enormous risk of data breaches and loss of business, new research suggests.
According to a new report from SaaS security posture management company Adaptive Shield, most CISOs (85%) see SaaS misconfiguration as a significant threat.
The key issue seems to be the number of tools in circulation. CISOs say they have too many SaaS tools that need to be checked regularly, with just 12% of companies with 50-99 applications able to check their security settings at least once a week. The larger the app count, the less frequent the checks.
- Here’s our list of the best free office software (opens in new tab) right now
- We’ve built a list of the best online collaboration software (opens in new tab) on the market
- Check out our list of the best project management software (opens in new tab) available
To try and solve the problem, most CISOs (52%) delegate the responsibility to the SaaS owner, who often “has less knowledge and security training”, putting the business at risk.
According to Maor Bin, Adaptive Shield CEO, the findings “present a clear view of an urgent need to secure the SaaS landscape”.
Ransomware on the cards
The findings support additional data published earlier this month by cloud security company Lightspin, which found that many businesses fail to properly configure their cloud instances, in part due to confusing information from vendors.
Analyzing 40,000 AWS buckets and their cloud storage permissions, the company found that almost half (46 percent) of AWS S3 buckets may be misconfigured and should be deemed insecure.
Misconfigured buckets can result in various cybersecurity incidents, including data theft and malware (opens in new tab) infection, for organizations of all sizes, from SMBs to enterprises.
SMBs that fail to properly configure their SaaS products and cloud instances risk being infected by ransomware (opens in new tab) and having their systems locked down. Ransomware often results in downtime that lasts for days and prevents businesses from operating normally until the systems are restored.
- Here’s our rundown of the best productivity tools (opens in new tab) out there