Cloud 101CircleEventsBlog
The CCSK v5 and Security Guidance v5 are now available!

SaaS Security Use Case Series: Device-to-SaaS User Risk

SaaS Security Use Case Series: Device-to-SaaS User Risk

Blog Article Published: 10/26/2022

Originally published by Adaptive Shield here.

Written by Eliana Vuijsje, Marketing Director, Adaptive Shield.

Typically, when threat actors look to infiltrate an organization’s SaaS apps, they look to SaaS app misconfigurations as a means for entry. However, employees now use their personal devices, whether their phone or personal laptop, etc. to get their jobs done. If the device’s hygiene is not up to par, it increases the risk for the organization and widens the attack surface for bad actors. And so, Endpoint (Device) Protection — through EDR, XDR, and vulnerability management solutions – has arisen as a critical factor in SaaS Security.

The challenge in remediating the threats posed by endpoints and devices lies in the ability to correlate between the SaaS app users, their roles, and permissions with their associated devices' compliance and integrity levels. This end-to-end approach is what's needed for the organization to implement a holistic, zero-trust approach for their SaaS Security.

‍Not a simple feat, however, automated SaaS Security Posture Management solutions can now provide visibility that correlates the SaaS user and their associated devices with the device’s hygiene score.

High-Risk Devices

How do you classify high-risk devices in the context of SaaS security?

‍Devices that are owned, or used by users with high levels of permissions to the company’s core SaaS apps. For example, someone who has high levels of access to the company’s CRM can present a high risk to the company if their device is vulnerable and this needs to be remediated immediately. These high-risk devices serve as a critical threat vector to an organization’s SaaS environment.

‍Security teams should continuously map devices to their users and their associated permissions to get a handle on which devices/users pose the highest risk.

Correlate Between User, App, and Device

As mentioned, the more privileged the user, the higher their device is at risk. To gain deep observability into the user, app and device posture, security teams need to check the hygiene of their users’ devices, for example up-to-date OS configurations, and any vulnerabilities. With that assessment and score in hand, security teams can map and monitor the user’s SaaS app access (in addition to, of course, securing the SaaS apps themselves).

‍Once these cross references are in place and accessible, organizations can enable “soft” enforcement enhancements, through policies and organizational best practices. This way security teams can monitor risks and threats without severely limiting the user.

Get the Zero Trust Approach

Zero-trust is a concept much batted about in cybersecurity vernacular today. While many consider it a buzzword, its meaning represents an important approach that can not be emphasized enough. To wholly secure the organization’s SaaS stack, end-to-end, and continuously, calls for a holistic and automated solution.

‍Adaptive Shield has been built to resolve not only the need for management of the SaaS app configurations themselves, but also the devices the organization’s employees use. (Not to mention third party app access — and you can read more about that here.) When integrated with MDM (mobile device management) solution, Adaptive Shield will pull the device data and map the device to the owner.

By looking at the device posture while conducting a SaaS security assessment, organizations can achieve a holistic zero trust approach.

Share this content on your favorite social network today!