Controls for SaaS applications - Cyber Security 3 Flashcards
Secure your weakest link: SaaS users
Start with user training and interactive coaching to identify and help change risky behavior.
Then, give your security team tools to help them monitor and govern SaaS application
permissions. Look for a solution with robust access controls, including:
o Multi-factor authentication (MFA)
o Role-based access control (RBAC)
o Protection for administrative accounts
o User access monitoring that can detect malicious or risky behavior
Security controls for SaaS applications
Discover employee use of unvetted SaaS applications
Protect sensitive data in SaaS applications
Secure your weakest link: SaaS users
Enforce compliance requirements in the cloud
Reduce risk from unmanaged devices
Control data sharing from SaaS applications
Stop SaaS-borne malware threats
Discover employee use of unvetted SaaS applications.
Discover employee use of unvetted SaaS applications. As SaaS adoption rapidly expands,
manual discovery of SaaS use in the enterprise becomes increasingly untenable. Instead, to
quickly identify risk and extend appropriate security controls, your organization needs an
automated way to continuously discover all SaaS applications in use by employees.
Protect sensitive data in SaaS applications.
Protect sensitive data in SaaS applications. Implement advanced DLP capabilities using an
application programming interface (API)-based approach to scan for sensitive information
stored within SaaS applications. Compared to inline, an API-based approach provides deeper
context and allows for automatic remediation of data-risk violations.
Enforce compliance requirements in the cloud.
Enforce compliance requirements in the cloud. Create and enforce a consistent, granular
security policy for compliance that covers all SaaS applications used by your organization.
Security policy enforcement should include automating compliance and reporting for all
relevant regulatory requirements across your SaaS applications.
Reduce risk from unmanaged devices.
Reduce risk from unmanaged devices. Deploy a security product that differentiates access
between managed and unmanaged devices to protect against the increased security risks
inherent in personal devices. For instance, you could allow downloads to managed devices
but block them for unmanaged devices while enabling access to core functionality.
Control data sharing from SaaS applications.
Control data sharing from SaaS applications. Use an inline approach to gain visibility into
sensitive data flowing into high-risk, unsanctioned applications. Create and enforce DLP policies that control data-sharing activities in the SaaS applications employees use.
Stop SaaS-borne malware threats.
Stop SaaS-borne malware threats. Implement threat prevention technology that works with
your SaaS security to block malware and stop threats from spreading through SaaS applications, thus eliminating a new insertion point for malware.
An application programming interface (API)
An application programming interface (API) is a set of routines, protocols, and
tools for building software applications and integrations.
Multi-factor authentication (MFA)
Multi-factor authentication (MFA) refers to any authentication mechanism
that requires two or more of the following factors: something you know,
something you have, something you are.
Role-based access control (RBAC)
Role-based access control (RBAC) is a method for implementing discretionary
access controls in which access decisions are based on group membership
according to organizational or functional roles.