Detexian

Securing the Future of Work

2021/11/09

SaaS to SaaS authorised apps, your ticking bombs for data breaches?

Remember the last time you clicked to approve a new app? What access permissions to your data did you grant the app?

In the business world, users can also consent to permissions requested by third-party apps to gain access to business and customer data of the organisation. Once this authorization is established, it is often forgotten about and becomes a security blind spot. 

The most common SaaS blind spot is SaaS to SaaS authorizations

These are SaaS apps that users connect to the organization’s SaaS ecosystem themselves to enhance the business value for their unit or for personal use. 

For example:

  • An Office 365 user authorizes HubSpot to send email as the company

  • Another user consents to monday.com to access their OneDrive and Outlook Calendar

  • A user connects Zapier to Salesforce to copy customer data into Airtable, an unmanaged app

Data often flows between SaaS apps without anyone knowing. This can lead to multiple risks which are often unknown to the organization. 

Business User managed vs IT Administrator managed SaaS to SaaS authorizations

In the modern workplace, business teams choose, procure and operate SaaS solutions. Because of this decentralised ownership model, the IT team strongly prefers all SaaS to SaaS authorizations to be brokered by a managed middleware platform. This gives them visibility, oversight and freedom to de-couple solutions as the business teams require.

The blind spot for these organizations is the set of SaaS to SaaS authorizations that business users grant themselves, without the involvement of IT or a managed middleware platform.

Malicious third-party SaaS apps are on the rise, and a user can authorize one by accident or after being socially engineered.

Attackers add malicious applications to app stores and marketplaces every day in an attempt to compromise high-value targets. In early July 2020 Microsoft released guidance on this blind spot, “Protecting your remote workforce from application-based attacks like consent phishing”, that SaaS administrators should be aware of. A user can unknowingly authorize a malicious Azure marketplace app. See our previous blog post, How to detect malicious Azure apps that are accessing your sensitive data.

How Detexian helps

Detexian reduces these risks by discovering:

  • Unauthorised apps staff use with their corporate email accounts

  • If those apps have access to your business and customer data

  • When new apps are granted and permissions change

Many apps are granted excessive permissions, such as read/write access to files, emails and calendars. If nobody knows they exist, these apps are ticking time bombs for data breaches.
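As an added example (not Detexian's code), the following Python flags user-consented grants that carry file, mail or calendar write scopes and diffs two inventory snapshots to surface newly granted apps and permission changes. The records are constructed to mimic the shape of Microsoft Graph oauth2PermissionGrant objects (clientId, consentType, principalId, scope); the app and user IDs are made up.

```python
# Added example: risky SaaS-to-SaaS consent grants and grant-change detection.
# Records are constructed; they mimic Microsoft Graph oauth2PermissionGrant fields.
from typing import Dict, List, Tuple

# Delegated Graph scopes that give read/write or send access to files, mail and
# calendars: the "excessive permissions" the post warns about.
HIGH_RISK_SCOPES = {"Mail.ReadWrite", "Mail.ReadWrite.Shared", "Mail.Send",
                    "Files.ReadWrite", "Files.ReadWrite.All", "Calendars.ReadWrite"}

def scopes_of(grant: Dict[str, str]) -> set:
    return set(grant.get("scope", "").split())  # Graph stores scope space-separated

def grant_key(grant: Dict[str, str]) -> Tuple[str, str]:
    # One grant = (app, consenting user); tenant-wide admin grants have no principalId
    return (grant["clientId"], grant.get("principalId") or "AllPrincipals")

def risky_scopes(grant: Dict[str, str]) -> List[str]:
    return sorted(scopes_of(grant) & HIGH_RISK_SCOPES)

def risky_user_grants(grants: List[Dict[str, str]]) -> list:
    # consentType "Principal" = an individual user consented, no admin in the loop
    return [(grant_key(g), risky_scopes(g)) for g in grants
            if g.get("consentType") == "Principal" and risky_scopes(g)]

def diff_grants(previous: list, current: list) -> Dict[str, list]:
    # New grants since the baseline, and existing grants whose scopes changed
    prev = {grant_key(g): scopes_of(g) for g in previous}
    out: Dict[str, list] = {"new": [], "changed": []}
    for g in current:
        key, scopes = grant_key(g), scopes_of(g)
        if key not in prev:
            out["new"].append((key, sorted(scopes)))
        elif scopes != prev[key]:  # (key, scopes added, scopes removed)
            out["changed"].append((key, sorted(scopes - prev[key]), sorted(prev[key] - scopes)))
    return out

# Constructed snapshots: yesterday's baseline inventory and today's.
BASELINE = [
    {"clientId": "app-crm", "consentType": "Principal", "principalId": "u1", "scope": "User.Read Mail.Send"},
    {"clientId": "app-board", "consentType": "Principal", "principalId": "u2", "scope": "User.Read Files.Read"},
]
TODAY = BASELINE[:1] + [
    {"clientId": "app-board", "consentType": "Principal", "principalId": "u2",
     "scope": "User.Read Files.ReadWrite.All Calendars.ReadWrite"},
    {"clientId": "app-automation", "consentType": "Principal", "principalId": "u3", "scope": "Files.ReadWrite.All"},
]

if __name__ == "__main__":
    print("risky user grants:", risky_user_grants(TODAY))
    print("changes since baseline:", diff_grants(BASELINE, TODAY))
```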

Find out how to discover unknown, untrusted apps with access to your data in 5 minutes. Try Detexian free for 7 days.
