AppOmni Aims to Reduce SaaS Risks in Remote Working With Enterprise Essentials AppOmni has launched a cloud security posture management (CSPM) product
AppOmni Aims to Reduce SaaS Risks in Remote Working With Enterprise Essentials
AppOmni has launched a cloud security posture management (CSPM) product called Enterprise Essentials designed to automate the process of achieving best security practices for all major SaaS platforms, and provide visibility into what is happening to sensitive data in the cloud.
The long-term effect of the COVID-19 pandemic on business is likely to hasten business transformation and the growth of remote working. The short-term effect has been a sudden and forced mass-migration to cloud-based SaaS products. Of necessity, this has not been adequately planned and implemented, and the result has been a dramatically expanded attack surface for many businesses, and little visibility into it.
This new attack surface is unlikely to go away when the pandemic eases, and it needs to be secured quickly and continuously. Brendan O’Connor, the co-founder and CEO at AppOmni, explains the basic problem. He told SecurityWeek he had spent ten years with Salesforce before moving to ServiceNow, and had thought he would find the transition simple since they are both SaaS products.
But, he said, “Salesforce is different from ServiceNow in basically every way that matters. The platform is different, the security model is different, trust anchors are different, sharing, data access, provisioning, governance… it’s all different. The challenge is that there are so many levers, knobs and switches in each of these SaaS applications that it is really hard to understand where we are in line with best practices, and do we have the right controls in place. The security team, which has more to do than bandwidth to do it, doesn’t have time to do six months of training for every SaaS application that their business relies on.”
Salesforce, for example, has more than 100 security controls; Zoom has just a handful. This sort of difference is common throughout the SaaS environment, and competence in all SaaS applications used by a company is necessary to ensure cloud security. AppOmni provides that competence automatically by understanding all the security options for each different SaaS application. It deep scans APIs, security controls and configuration settings to determine the current state of SaaS deployments, and compare it to best practices and business intent.
Misconfiguring database access is the most visible cloud threat. In January 2020, in a document titled ‘Mitigating Cloud Vulnerabilities’, the NSA warned, “misconfiguration of cloud resources remains the most prevalent cloud vulnerability and can be exploited to access cloud data and services.” This week there have been reports of 409 GB mobile Indian banking data exposed on a misconfigured AWS S3 bucket. In January 2020, it was reported that Microsoft had exposed 250 million customer support records on five separate Elasticsearch servers. And in March 2020 it was revealed that a British security company had exposed more than 5 billion records compiled from the PII stolen in previous breaches such as Adobe, Last.fm, Twitter, Tumblr and LinkedIn.
This sort of basic access control failure is automatically detected wherever and whenever it occurs in a customer’s SaaS estate.
In almost all cases, correcting the error takes only a few hours if not just minutes. The security controls exist within most SaaS products, but are often simply forgotten. Human error is the biggest problem in securing the cloud. “Cloud data gets exposed usually not through a malicious insider but through people with good intentions that flip the wrong flag, whether that’s exposing data through the API, or sharing a file or folder to anyone with the link,” comments O’Connor. “Or sharing something to their personal gmail account, because they want to be able to work on it from home where it is easier for them. Cloud-based SaaS data exposures are very rarely attributed to malice.”
AppOmni’s Enterprise Essentials is designed to automate the process of achieving best security practices in each and all the major SaaS platforms, and to provide visibility into what is happening within and between cloud servers. “As enterprises increasingly rely on SaaS for their day-to-day operations, the security of data in SaaS as well as adherence to industry best practices is ever more critical,” He continued. “With many enterprises adapting to the new economic climate and supporting an increasingly remote workforce, their risk of data loss, data privacy, and compliance issues have grown exponentially. Misconfigurations, overly broad data sharing, and APIs exposed to the outside world create doorways for attackers to get in. Instead of trying to penetrate the corporate network to steal information, attackers now seek to pluck unsecured data straight from the cloud.”
San Francisco-based startup AppOmni raised $10 million in January 2020 in a Series A funding round led by ClearSky.