Arye Zacks

Telecom companies are facing challenges when it comes to securing their SaaS applications. This is due to the complexity of the SaaS model and the fact that telecom companies are not always equipped to handle the unique security requirements of SaaS.

There are essentially two ways to share files and documents out of a SaaS application: Make the resource available to specific users or make it available to "anyone with a link". Many users think that the latter is far more convenient, but the truth is that it opens organizations to significant risk.

NIST is considered a leading authority in the field of global cybersecurity standards. Understanding how to set these standards for your SaaS ecosystem security may be challenging but is crucial.

When SaaS apps first grew in popularity, it wasn't clear who was responsible for securing the data/ Nowadays, most security and IT teams are aware of the shared responsibility model, where the provider is responsible for the app and the organization is responsible for the data. The bigger question today is where does the data responsibility lies on the organization's side?

Oftentimes, security teams assume that data stored within SaaS apps is less sensitive than other corporate IP and accept that the security tools built into the SaaS app are strong enough to provide adequate protection. This assumption, however, is leaving critical data exposed online, putting organizations at risk of data exposure, ransomware, and regulatory fines.

The move to SaaS and other cloud tools has put an emphasis on Identity & Access Management (IAM), and the tools used to define IAM make up its identity fabric. Unfortunately, these tools are being pushed to their limits due to decentralized IT, evolving threats, and zero-trust tools. An SSPM solution helps add a layer to an organization's identity fabric by enabling continuous monitoring and suspicious behavior alerts.

User permissions are considered a headache to configure by both admins and users, but they remain crucial to protect organizations from both external attacks and internal data-sharing errors.

Over the last year, we’ve seen increasing evidence of an upcoming recession. While no one knows exactly what 2023 will bring to the labor market, organizations need to be prepared for potential downsizing.

As executives are planning an acquisition or divestiture within the next 12-18 months, M&A due diligence is key to business resurgence, strategic growth, and capability expansion. Unfortunately, one area that’s often overlooked during M&A due diligence is a target company’s SaaS landscape.