LayerX recently released a new guide «Shedding Light: Mitigating Shadow SaaS Risk» for security and IT teams, addressing the challenges of shadow SaaS usage. The guide compares different security controls that attempt to address this risk (CASB, SASE, Secure Browser Extension), explaining how each operates and their effectiveness. According to LayerX, 65% of SaaS applications are unauthorized by IT, and 80% of employees admit to using unauthorized applications, posing potential data exposure risks to organizations.
The three main risks organizations face are data loss, identity theft, and account takeover, and compliance and privacy violations. The guide provides mitigation guidelines by introducing a three-pronged approach: Application Discovery, User Monitoring, and Active Rule Enforcement. It also compares the traditional Proxy approach with the Browser-based solution for mitigating shadow SaaS, providing readers with the necessary information to decide which path best suits their organization’s needs.
Ultimately, Secure Browser Extensions emerge as the most comprehensive and user-friendly solution for combating shadow SaaS. These extensions empower IT and security teams to regain control over their SaaS environment, ensuring a safe yet flexible workspace. They achieve this through continuous browser session analysis to discover all SaaS applications in use, integration with cloud identity providers for enhanced identity security, alerting for critical changes, and governance and control over application access and data transmission.
Secure Browser Extensions offer a balanced solution, allowing for the use of SaaS applications while ensuring corporate environment protection. For further details, refer to the complete guide.
Vía The Hacker News