- Are highly business process specific;
- Handle and store critical business and personal data.
- Integrate a broad array of service components, operating over a deep application stack.
- May depend on multiple cloud service providers.
Discuss this topic in Circle
Have an interesting article or video on this topic that you want to share? Anyone can join the discussion community for this topic to share ideas or ask questions.View discussion community
Participate in SaaS Governance Research
This group aims to benefit all parties in the Software-as-a-Service (SaaS) ecosystem by supporting a common understanding of SaaS related risks from the perspectives of the cloud customer and cloud service provider.
|The perils of SaaS misconfigurations||Help Net Security||April 14, 2022|
|Business teams increase cybersecurity risk due to poor SaaS management||Tech Target||April 14, 2022|
|Dismal SaaS management ups cybersecurity risk||SC Media||April 15, 2022|
|SaaS misconfigurations lead to cybersecurity incidents||Security Magazine||April 19, 2022|
|Cyberskirmishing in Russia's hybrid war. Hafnium gets evasive. Qbot's new tactics. Enemybot described. Patch Tuesday notes.||The CyberWire||April 12, 2022|
Cloud Security Research
CSA Research crowd-sources the knowledge and expertise of security experts and helps address the challenges and needs they’ve experienced, or seen others experience, within the cybersecurity field. Each publication is vendor-neutral and follows the peer review process outlined in the CSA Research Lifecycle. We recommend getting started by reading the following documents.
Cloud Octagon Model
While not created by this working group, the Cloud Octagon Model helps provide context and background to SaaS Governance. The model is an approach to assess risk in SaaS cloud computing. It provides practical guidance and structure to all involved risk parties in order to keep pace with rapid changes in privacy and data protection laws and regulations, and changes in technology.
The 2020 State of Identity Security in the Cloud
The use of cloud services has continued to increase over the past decade. Particularly in the wake of the COVID-19 public health crisis, many enterprises' digital transformations are on an accelerated track to enable employees to work from home. CSA surveyed these organizations to better understand how cloud services are being used during this transition and how organizations are securing their operations over the next 12 months.
SaaS Governance Best Practice for Cloud Customers (Coming Soon!)
The SaaS Governance Best Practice for SaaS Customers is a baseline set of fundamental SaaS governance practices for SaaS Customers. It enumerates and considers risks during all stages of the SaaS adoption lifecycle and takes into account the SaaS usage lifecycle. It will also aim to provide mitigation measures from the cloud customer’s perspective.