Software as a service (SaaS) applications provide tremendous value to businesses and end users. One of the three main cloud computing categories alongside infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS), software-as-a-service (SaaS) is a web-based software distribution model in which a third-party provider hosts applications that it makes available to customers over the internet. The software vendor hosts and maintains the servers, databases and code that constitute an application.
Many SaaS applications are available for foundational business needs, including email, data storage, data sharing, customer relationship management, billing, sales management and collaboration, among others. Pricing is typically based on annual or monthly subscriptions, accounting for the software license, support and most other monetary costs. Popular SaaS apps include Microsoft 365® (formerly known as Office 365®), Box, G Suite®, Amazon Web Services (AWS®), Salesforce®, Workday® and Slack® among others. Providers often integrate with each other to augment productivity for customers. For example, a provider that offers an email application might store attachments in another provider’s cloud-based file storage.
The economics of SaaS—and cloud computing in general—empower enterprises. SaaS offers easy setup and collaboration capabilities that change the way organizations do business, allowing employees to access the tools and the data they need to effectively do their jobs and essentially putting enterprise customers back in control of IT spending.
However, while incredibly useful for driving business productivity, exponential growth in SaaS application usage brings with it security concerns much like those organizations face in traditional on-premises network infrastructure. For example, Microsoft OneDrive® or SharePoint® let users easily store and share files, but they create opportunities for accidental shares when users unintentionally send access to the wrong people.
Similarly, applications like Exchange and Salesforce easily store important, structured data for users, but these, too, are open to accidental data exposure or threat insertion risks and often act as entry points for malware, which can spread over time. For example, if a sales representative uploads an infected invoice document to Salesforce, a sales operations person who downloads the file will also become infected, and so on.
Reducing this type of risk in SaaS applications, where organizations’ most sensitive data often resides, is key to securing the enterprise IT infrastructures of the future. As a result, governance and protection of this data has catapulted to the top of CISOs’ priority lists.
Businesses have become increasingly concerned about the volume of sensitive data being transferred, stored and shared within SaaS environments beyond their visibility and control. Remote working is a big security factor to take into account as SaaS applications are directly accessible by anyone, from anywhere, and via any device.
As a result, a new approach to security has emerged, which Gartner calls the secure access service edge (SASE; pronounced “sassy”). A SASE is a single, cloud-delivered solution that combines networking (WAN, VPN, ZTNA) and network security services (FWaaS, CASB, DNS, DLP). A SASE architecture identifies users and devices, applies policy-based security, and delivers secure access to the appropriate application or data, allowing organizations to apply secure access no matter where their users, applications or devices are located.
A SASE solution provides organizations with many benefits:
As organizations look to provide better protection for their data and users, SASE can offer a simplified solution rather than investing in multiple point products to fix separate issues. For more information on how to effectively secure SaaS applications, download our ebook “Navigating the SaaS Security Jungle”. To learn more about what a SASE solution entails, get a copy of our “10 Tenets of an Effective SASE Solution” e-book.
Resources:
Gartner report: The Future of Network Security Is in the Cloud
Palo Alto Networks SASE solution: Prisma Access