Simplifying SaaS security


Key takeaways from “Modern workplace SaaS risks” webinar

The panelists

Detexian had the pleasure to host a panel discussion with

  • Ian Cameron, Executive Manager Cyber Security Strategy & Governance at IAG,

  • Ashish Rajan, Head of Security & Compliance at PageUp,

  • Damian Fasciani, Director of Technology at Culture Amp

The topic of discussion was centered around opportunities and challenges arising from fast-paced SaaS adoption across businesses and industries, and how the role of IT has evolved as a result. 

The perspectives from the panelists were notably diverse:

  • Ian with a long cybersecurity career with multiple regulated entities has seen the transition from on-premise to IaaS / SaaS happen;

  • Ashish is used to hybrid environments, and in companies developing software to use themselves in addition to using third-party apps; 

  • Damian’s expertise comes from leading technology implementation at born-in-the-cloud companies that “grow at scale and move at pace with SaaS”.  

The landscape

SaaS adoption is a worldwide phenomenon across industries and businesses. Business teams procure and manage SaaS. IT no longer centrally manages technology.  In modern workplaces, there is significant diversity with SaaS applications, many of which have unique security models. 

The challenges

“By 2024, 70% of IT organizations will lack the relevant roles, skills and tools to support SaaS-enabled digital transformation” - Gartner.

For SaaS-dependent organisations, it’s become increasingly challenging to answer questions such as: 

  • Who’s got access to which SaaS apps and at what level of privileges?

  • Is there sensitive data stored in SaaS apps?

  • Are users sharing data with external parties?

  • Do users have MFA turned on for their accounts?

The opportunities

The evolving role of IT as trusted advisor

The role of IT teams has significantly evolved in the last 10 years, from maintaining the infrastructure and saying Yes and No to solving business problems as part of adopting new technologies.

In cloud-first organisations, IT teams are trusted advisers and technology consultants, helping business teams to focus on the right things, e.g. identity access management, integrations and data flow between SaaS apps. IT teams need to be able to tell the business the story as to why they’re there and the services they provide, to entice business teams to trust them. 

The gaps

Team-specific SaaS solutions, not centrally managed by IT:

  • Lack of observability 

  • Lack of privileged access oversight

  • Manual auditing and compliance

Configuration management across SaaS footprints

  • Lack of single pane of glass that interrogates security configuration and identifies opportunities for hardening 

What the panelist see in Detexian

  • Ian: “normalised, unified view of SaaS risk posture”, “agility, simplicity” that reduces learning time required to know security configuration of different SaaS solutions and provides insights into what to do when issues are uncovered; 

  • Damian: “replace manual audit of SaaS apps with automation, collecting accurate data to make data-driven decisions at the Risk Committee”;  

  • Ashish: "digitizing asset and identity management for SaaS to replace spreadsheet". 

Get started with Detexian's 28 day free trial offer

Detexian is a SaaS security posture management (SSPM) solution. It is a single pane of glass across Office 365, G Suite, Atlassian, Salesforce, and other platforms, which continuously audits users’ SaaS permissions and security configurations. 

Detexian eliminates SaaS risk blind spots and gives you peace of mind you need to run a safe IT operation. With Detexian, regulatory compliance is made easy. You can generate audit reports to demonstrate evidence of control effectiveness over time that your auditors and regulators want.

Detexian offers a 28 day obligation-free trial, Get started now.

Secure what you can't see in the cloud
710 Collins Street
Melbourne VIC 3008
9848 Mercy Rd #2
San Diego 92129

Get the latest information about SaaS security misconfigurations

Copyright Detexian 2021 All Rights ReservedTerms & ConditionsPrivacy Policy