Beyond CASBs: introducing SaaS management
According to Gartner, cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to enforce enterprise security policies as the cloud-based resources are accessed.
By 2020, 60 percent of large enterprises will use a cloud access security broker. 1
A CASB's main focus is security and is the first layer for adopting SaaS applications. It provides solutions for data loss prevention, incidents detection, granular control of permissions, and more.
While security plays a big part in the adoption of SaaS, new challenges arise when the organization adopts a large number of SaaS applications. Below we've listed some of the challenges organizations face today:
Discovery of applications
SaaS applications are easy to adopt and quickly an organization finds itself with hundreds of SaaS applications to manage. Making sure there is an automated process in place that maps sanctioned and un-sanctioned applications is necessary.
Knowing which applications are being used and which are abandoned is becoming an important part of managing these apps. Are employees using them? Who and to what extent? As every department in our organization becomes data-driven, we need a simple way of collecting all the datapoints regarding SaaS usage into one data warehouse.
While SaaS brings innovation and speed to our organizations, it is also common to have less visibility over cost. Understanding and predicting the real cost of applications should be automated and present opportunities for cost optimizations.
Making decisions based on data is important when choosing vendors. Some SaaS applications are purchased but have almost no usage, but they are kept since utilization data is missing. Contract renewals should also be data-driven and based on historical data usage and cost. In doing so, we can leverage our analysis to save money and make better decisions.
Onboarding and Offboarding employees
New employees have dozens of applications they need to get access to. While SSO provides a good solution for a limited number of applications, the majority of applications are still not being managed. There's a need for an always up-to-date list of applications per role in the company.
When employees leave, making sure they no longer have access to company data is a high priority. How can we be sure what SaaS applications each employee has registered and still has access to?
Adding and retiring SaaS applications
What are the steps when using a new SaaS application? There's a need to streamline the process of introducing new SaaS applications into the organization. Today, any employee can just register an account with a SaaS provider and go under the radar.
What should be done when we stop using an SaaS application? When we decide to retire an application, there's a need to understand what data this provider holds, make sure it moves to other services or backed up before deletion.
Torii is the leading SaaS management platform on the market. It provides solutions for all the new challenges of managing cloud and on-premises applications. It was built from the ground up to integrate with all your core systems, identity and SSO providers, expenses software, and to enhance existing CASB solutions.
1. Gartner. “Magic Quadrant for Cloud Access Security Brokers.” Steve Riley and Craig Lawson. November 30, 2017