Forrester: The confusion over SaaS Security Responsibility

500 views

Published on

Who is responsible for SaaS Security? This presentation includes insights from Forrester demonstrating a clear disconnect between vendor and customer expectations.

Published in: Software, Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
500
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Forrester: The confusion over SaaS Security Responsibility

  1. 1. The Confusion over SaaS Security Responsibility - How to Avoid Complacency
  2. 2. SaaS applications are here to stay The increasing popularity of BYOD The spread of Shadow IT practices The anytime, anywhere, any-device workforce The flexibility of information access
  3. 3. This proliferation of SaaS results in the need for a firmer grasp on security responsibilities
  4. 4. of SaaS security responsibility is outpaced by adoption Understanding
  5. 5. Knowledge of specific security responsibilities is hazy
  6. 6. 86% of IT professionals believe SaaS, IaaS, PaaS vendors bear the security responsibility However, the Cloud Security Alliance guidance version 3.0 agrees: “When data is transferred to a cloud, the responsibility for protecting and securing the data typically remains with the collector or custodian of that data.”
  7. 7. IT is complacent with their current security protections – And that’s a mistake
  8. 8. By design, customers do not control their cloud provider’s environment Network security Configuration control Identity & access control
  9. 9. Perimeter and endpoint protections are ineffective because they are not designed with SaaS in mind VPN Encryption Firewall
  10. 10. IT is struggling with SaaS deployment security issues 57% agreed that endpoint controls don’t work when users access SaaS applications from unmanaged devices 62% agreed that there is inadequate insight into good vs. bad behavior
  11. 11. SaaS calls for a new, integrated approach to security
  12. 12. Approach to adaptation to this new IT era: Consider standard-based, seamless protection integration Treat security as a shared responsibility Embrace behavioral analytics to detect potential threats
  13. 13. Key recommendations to protect your digital assets: Address evolving risks Evaluate protection gaps Look for SaaS-focused solutions
  14. 14. Download our latest whitepaper A Forrester Consulting Thought Leadership Paper Commissioned By Adallom “SaaS Adoption Requires A New Approach To Information Security”

×