Cloud apps make collaboration a breeze, but unless you’re keeping a close watch on identities, behavior, and privileges across each and every SaaS and IaaS you rely on, you’re a sitting duck.
The cloud blurs the lines between personal and corporate accounts and non-admin users can break least privilege with the click of a “share” button. Securely offboarding contractors and employees from dozens of SaaS apps is error prone and often results in shadow identities that attackers prey on.
If you’re not watching closely, users can silently copy, delete or expose your mission-critical data to just about anyone. And that data can be anything from your Salesforce customer list, your source code in GitHub, and your documents in Box and Google Drive.
To paint a picture of data risk across fragmented SaaS and IaaS environments, we created the 2021 SaaS Risk Report. We gathered and analyzed data from over 200,000 cloud identities and hundreds of millions of cloud assets for the report.
Our goal: to uncover key risks organizations face when trying to control unsupervised identities and shadow privileges that can put data at risk.
Here are just a few key findings:
- Nearly 44% of cloud privileges are misconfigured.
- 3 out of 4 cloud identities for external contractors remain active after they leave.
- 3 out of 5 users are shadow admins.
- 15% of employees transfer business-critical data to their personal cloud accounts.
👉Read the full report: 2021 SaaS Risk Report
🤔How did we get all this insight? It’s all thanks to DatAdvantage Cloud, our new cloud-hosted solution that protects your mission-critical SaaS applications and cloud data stores: AWS, Box, GitHub, Google Drive, Jira, Okta, Salesforce, Slack, and Zoom.
👋Want to see how your SaaS and IaaS instances are putting you at risk? DatAdvantage Cloud visualizes and prioritizes your biggest risks so you can proactively reduce your blast radius. Request your tour today at https://info.varonis.com/cloud-demo
What should I do now?
Below are three ways you can continue your journey to reduce data risk at your company:
Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.
See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.
Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.