Updated: Aug 22
Businesses prosper because of their dedicated employees and an ongoing commitment to growth and innovation. Cybersecurity personnel play an obviously crucial role in enabling that progression in today’s tech-dependent ecosystem. Given that role, some may be surprised to learn that a recent study shows that 73 percent of security professionals say they have used shadow SaaS applications that have not been approved by their IT team, as part of their role at their job.
Since shadow apps aren’t sanctioned for use by the organization and lack the usual oversight by IT departments, they serve as a notable risk that can lead to potentially devastating cyberattacks or data breaches. And the cybersecurity personnel admit that, as the same study showed that many such workers very much understand the risk they may be introducing into their enterprise. It’s this type of honesty within some of even the most trusted groups of employees that illustrates the need for consistently powerful yet non-obtrusive methods of monitoring identity access paths both within an organization and to external resources. Afterall, most organizations aren’t fully aware of access activities that can expose them to unwanted risk.
As identity-related security innovators, we understand that businesses are evolving and people need solutions that enable them to grow and succeed. The current environment is such that security professionals are using new unvetted tools that help them with their jobs. The research further notes that they are using these SaaS tools even though they are aware of the risk these tools may introduce.
The process for authorizing new SaaS tools is often long and cumbersome which is why cybersecurity professionals prefer to use “shadow SaaS.” However, doing this creates two different problems. First, if they are using their corporate credentials (i.e. their corporate email and password) it means that these credentials could end up on the dark web, and exploited by malicious actors to gain unauthorized access..
Secondly, there's also the issue of data leakage, with corporate data ending up in unauthorized places, which can result in exposure of sensitive business data in various places. This is a key challenge, especially when you consider the types of systems people use. One of the most concerning examples is employees that use unvetted shadow password managers. They use these password managers for convenience and security, but then all their corporate credentials end up in an unknown password manager that may not be properly secured and might even end up on the dark web.
Additionally, employees frequently use AI tools to analyze data, debug problematic code or even summarize meeting notes, which may lead to data leakage.
Organizations need to keep enabling employees to use the tools they need to work and move fast. But at the same time they must be armed with the ability to automatically detect the use of such tools in real time, understand who is actually using these tools, and provide the right recommendations on how to take control – either by halting their use and directing users to use other approved solutions, requiring secure access via SSO,or by developing other secure usage policies.
AuthMind can be quickly and easily deployed to detect all access paths across the hybrid enterprise landscape and alert on access to unknown “shadow apps” employees might be accessing. One of our customers who recently deployed the AuthMind platform was surprised to find out that it was almost like the wild west when it came to shadow SaaS app usage. The IT and security teams were completely unaware of the extensive use employees made of shadow SaaS apps, and the variety of these apps in use.
The benefits of the AuthMind platform quickly shined through. The organization had approximately 500 employees, with a large chunk of departments using whatever they felt like. Very few people were limiting themselves to using the corporate tools. AuthMind provided the observability into what people were using, identifying which employees were using which setups.
Quite quickly, this AuthMind customer began requiring employees to use the approved licensed tools that were properly secured to allow safe access and use.This step also led to improved IT hygiene and cost savings as it allowed the customer to identify and eliminate duplicate licenses and unneeded expenses on redundant tools. AuthMind helped the customer validate that employees are securely accessing the approved tools, and ensured that the use of unvetted tools stopped. . Now, AuthMind continues to track access to all SaaS tools, providing visibility, organizing the details, and providing the ongoing tracking by specific access activity types and categories.
It’s important to understand that AuthMind provides the intelligence and granularity needed to understand what types of assets are being used and the risk level posed to the organization. For example, the use of unknown credential-driven tools, like password managers, needs to be prioritized when detected. AuthMind’s Identity Security Platform provides a simple and easy way for enterprises of all types to gain this critical visibility and take immediate action..