
SaaSOps Security: See How Easily Interactions Sprawl Out of Control

David Politis

January 15, 2020

4 minute read


This article is excerpted from BetterCloud CEO David Politis’s new book, The IT Leader’s Guide to SaaSOps (Volume 2): How to Secure Your SaaS Applications. To learn more and get a copy, click here.

Because SaaS applications were expressly designed to foster collaboration, sharing data is simple. But due to this openness and the simplicity of sharing, interactions are like the digital version of kudzu: a sprawling, massive web. They spread in all directions throughout your environment and grow out of control quickly. Left unchecked, they’re nearly impossible to manage.

To visualize this, here are a few examples of how easily interactions can sprawl out of control. These will illustrate why two core tenets of SaaSOps—file security and least privilege—are notoriously tough to tackle.

Files

[Figure: flowchart of a sales spreadsheet being shared and re-shared across the organization]

A visualization of how the sprawl of interactions can spiral out of control when it comes to file sharing.

Let’s take files as an example. A sales VP may store a spreadsheet in Dropbox containing confidential sales pipeline data and customer names and addresses. Initially, his interactions are innocuous. He only intends for his CEO and sales director to access this data, so he shares it with the two of them.

But from there, the sales director shares it with her three sales managers, who in turn download, export, forward, email, save, and share it with internal (and external) users, who in turn do the same. Each hop multiplies the number of people who hold the data, so the sprawl grows exponentially with the depth of the chain. Note that downloads, exports, and email attachments are copies that no longer carry the original file's sharing controls: revoking access in Dropbox does not recall them. The larger the sprawl, the higher the risk of human error or negligence, even though users may have the best of intentions.

Essentially, the sprawl is never-ending. IT has little visibility into this sprawl, but it continues to grow exponentially across your org as people do their jobs and collaborate.
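The chain described above can be reconstructed from a sharing audit log, which is what gives IT the visibility the text says it lacks. The following is an added example, not code from the book or from BetterCloud: it walks a constructed share/forward log for one file, computes everyone who can reach it and at how many hops, and for each external recipient names the last insider whose action pushed the file outside the org. The log layout, the addresses, and the internal domain are assumptions.

```python
"""Transitive reach of a shared file, reconstructed from a share/forward log.

Added example, not code from the book or from BetterCloud. The log below is
constructed; the internal domain and the (actor, action, recipient) layout
are assumptions about what an audit-log or DLP export would give you.
"""
from collections import deque

INTERNAL_DOMAIN = "example.com"  # assumption: the org's own mail domain

# Constructed audit rows for one file. Each row: actor gave recipient a copy
# of, or access to, the pipeline spreadsheet by the named action.
SHARE_LOG = [
    ("vp.sales@example.com", "share", "ceo@example.com"),
    ("vp.sales@example.com", "share", "dir.sales@example.com"),
    ("dir.sales@example.com", "share", "mgr1@example.com"),
    ("dir.sales@example.com", "share", "mgr2@example.com"),
    ("dir.sales@example.com", "share", "mgr3@example.com"),
    ("mgr1@example.com", "email", "rep1@example.com"),
    ("mgr1@example.com", "email", "rep2@example.com"),
    ("mgr2@example.com", "share", "partner@agency.example.net"),
    ("mgr3@example.com", "email", "rep3@example.com"),
    ("rep2@example.com", "email", "rep2.personal@mail.example.org"),
    ("partner@agency.example.net", "email", "analyst@agency.example.net"),
]


def build_graph(log):
    """Directed graph: actor -> [(recipient, action), ...]."""
    graph = {}
    for actor, action, recipient in log:
        graph.setdefault(actor, []).append((recipient, action))
        graph.setdefault(recipient, [])
    return graph


def reach(log, owner):
    """Breadth-first walk from the owner. Returns {principal: path}, where
    path is the list of (actor, action, recipient) hops by which that
    principal first obtained the file (shortest chain, by hop count)."""
    graph = build_graph(log)
    paths = {owner: []}
    queue = deque([owner])
    while queue:
        current = queue.popleft()
        for recipient, action in graph.get(current, []):
            if recipient not in paths:
                paths[recipient] = paths[current] + [(current, action, recipient)]
                queue.append(recipient)
    return paths


def is_external(address):
    return not address.lower().endswith("@" + INTERNAL_DOMAIN)


def last_internal_actor(path):
    """The insider whose action first put the file outside the org, i.e. the
    actor of the first internal->external hop; None if the chain never left."""
    for actor, _action, recipient in path:
        if not is_external(actor) and is_external(recipient):
            return actor
    return None


def exposure_report(log, owner):
    """Fan-out per hop plus every external principal with its provenance."""
    paths = reach(log, owner)
    by_hop = {}
    for path in paths.values():
        by_hop[len(path)] = by_hop.get(len(path), 0) + 1
    external = {
        principal: {"hops": len(path), "via": last_internal_actor(path), "path": path}
        for principal, path in paths.items()
        if is_external(principal)
    }
    return {"total_principals": len(paths), "by_hop": by_hop, "external": external}


if __name__ == "__main__":
    report = exposure_report(SHARE_LOG, "vp.sales@example.com")
    print(f"{report['total_principals']} principals hold the file; fan-out per hop: {report['by_hop']}")
    for principal, info in report["external"].items():
        chain = " -> ".join(f"{a} [{act}]" for a, act, _ in info["path"]) + f" -> {principal}"
        print(f"EXTERNAL {principal} ({info['hops']} hops, via {info['via']}): {chain}")
```

On the constructed log, twelve principals end up holding a file the VP shared with two people, and three of them are outside the org. The `via` field is the point a responder actually needs: not the external address, but the insider whose share or forward crossed the boundary, since that is where the control (or the coaching) has to go.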

Excessive admin privileges

[Figure: flowchart of admin roles accumulating in an engineer-created Slack workspace until IT steps in]

A visualization of how over-assignment of admin privileges can happen over time.

Here’s another example focusing on excessive admin rights. Based on a true story, this example shows how easily admin privileges can be over-assigned.

In a shadow IT world, it’s not unusual to see an individual team (e.g., Engineering) adopting Slack without IT’s approval or knowledge.

Initially, there might only be a few admins. But eventually, that number swells. Admins beget admins: Managers might invite others and make them admins too.

In this example, as engineers build Slack integrations and bots, they need API tokens to authenticate them. It's easier to give them all admin access so they can generate tokens on their own, rather than having to continuously request them. Similarly, if they want to install a Slack app but installation is restricted to admins only, it's easier to just give them admin access. Convenience trumps security. The trouble is that a workspace admin role carries far more than the ability to mint a bot token: an admin can manage members, change workspace settings, and approve or remove apps for everyone, none of which the engineer's integration actually needs.

Unfortunately, this means admin rights are often handed out like candy, with no oversight. Privilege creep sets in too. People switch roles but retain admin access. Additionally, if a Slack workspace starts out as shadow IT, there is often no formal offboarding process. Nobody is officially in charge of deactivating accounts. As a result, ex-employees can easily retain Slack access—and admin access at that.

This story happened to one of our customers. When we were onboarding them, we helped them discover a whopping 79 admins (most of them engineers) in their Slack instance, which started out as shadow IT. They had no idea. With our help, they managed to reduce the number of admins to two.
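Finding the 79 admins is a mechanical check once you have the workspace's member list and something authoritative to compare it against. The following is an added example, not BetterCloud's tooling: it audits a constructed payload shaped like the response of Slack's users.list Web API method (using only the fields id, name, deleted, is_admin, is_owner, is_bot and profile.email) against an HR roster, flags admins who have no HR record, who HR says are gone, or who sit outside the team allowed to hold admin, and turns the findings into a remediation plan. The roster format, the names, and the "only IT holds admin" policy are assumptions.

```python
"""Audit Slack workspace admins against an HR roster.

Added example, not BetterCloud's code. SLACK_USERS_LIST is a constructed
payload shaped like Slack's users.list response (fields id, name, deleted,
is_admin, is_owner, is_bot, profile.email); the HR roster layout and the
"only IT holds admin" policy are assumptions.
"""


def _member(uid, name, email, admin=False, owner=False, deleted=False, bot=False):
    """Build one users.list-style member record (constructed data helper)."""
    return {"id": uid, "name": name, "deleted": deleted, "is_admin": admin,
            "is_owner": owner, "is_bot": bot, "profile": {"email": email}}


SLACK_USERS_LIST = {
    "ok": True,
    "members": [
        _member("U001", "alice", "alice@example.com", admin=True, owner=True),
        _member("U002", "heidi", "heidi@example.com", admin=True),
        _member("U003", "bob", "bob@example.com", admin=True),        # engineer who wanted tokens
        _member("U004", "carol", "carol@example.com", admin=True),    # left the company, never deactivated
        _member("U005", "dan", "dan@example.com", admin=True),        # moved from Engineering to Sales
        _member("U006", "eve", "eve@example.com", admin=True),        # nobody in HR knows this account
        _member("U007", "frank", "frank@example.com"),
        _member("U008", "grace", "grace@example.com", admin=True, deleted=True),  # already deactivated
        _member("B001", "deploybot", "deploybot@example.com", bot=True),
    ],
}

# Constructed HR roster keyed by work email (assumed layout).
HR_ROSTER = {
    "alice@example.com": {"status": "active", "team": "IT"},
    "heidi@example.com": {"status": "active", "team": "IT"},
    "bob@example.com": {"status": "active", "team": "Engineering"},
    "carol@example.com": {"status": "terminated", "team": "Engineering"},
    "dan@example.com": {"status": "active", "team": "Sales"},
    "frank@example.com": {"status": "active", "team": "Engineering"},
    "grace@example.com": {"status": "terminated", "team": "Engineering"},
}

ALLOWED_ADMIN_TEAMS = {"IT"}  # assumption: policy says only IT holds admin/owner


def audit_admins(users_list, roster, allowed_teams=ALLOWED_ADMIN_TEAMS):
    """Return every live admin/owner and a (email, reason) finding for each
    one that policy or HR status says should not hold the role."""
    admins, findings = [], []
    for member in users_list["members"]:
        if member.get("deleted") or member.get("is_bot"):
            continue  # deactivated accounts and bots cannot act as admins
        if not (member.get("is_admin") or member.get("is_owner")):
            continue
        email = member.get("profile", {}).get("email", "").lower()
        admins.append(email)
        record = roster.get(email)
        if record is None:
            findings.append((email, "no_hr_record"))
        elif record["status"] != "active":
            findings.append((email, "offboarded_but_still_admin"))
        elif record["team"] not in allowed_teams:
            findings.append((email, "admin_outside_policy"))
    return {"admins": admins, "findings": findings}


def remediation_plan(audit):
    """Accounts HR does not vouch for get deactivated (pending review of any
    that turn out to be service accounts); policy violations get demoted."""
    plan = {"deactivate": [], "demote": [], "keep": []}
    reasons = dict(audit["findings"])
    for email in audit["admins"]:
        reason = reasons.get(email)
        if reason in ("no_hr_record", "offboarded_but_still_admin"):
            plan["deactivate"].append(email)
        elif reason == "admin_outside_policy":
            plan["demote"].append(email)
        else:
            plan["keep"].append(email)
    return plan


if __name__ == "__main__":
    result = audit_admins(SLACK_USERS_LIST, HR_ROSTER)
    print(f"{len(result['admins'])} live admins/owners; {len(result['findings'])} findings")
    for email, reason in result["findings"]:
        print(f"  {reason:28} {email}")
    print("plan:", remediation_plan(result))
```

The deleted-but-admin record (grace) is skipped on purpose: Slack keeps is_admin on deactivated members, and counting it would inflate the number without adding risk. The no_hr_record case is the one that needs a human: it is either an ex-employee who predates the roster or an unmanaged service account, and either way it should not be an admin.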

Groups

[Figure: flowchart of an HR group in Office 365 as members, owners, and privacy settings change over time]

A visualization of "interaction sprawl" caused by groups over time.

The last example of “interaction sprawl” has to do with groups. Over time, group ownership can become messy, and users can play fast and loose with group privacy settings. If the group contains sensitive information, this can become a security issue.

For example, let's say the director of HR creates an HR group. By default, Office 365 lets any user create a group as needed without having to bother IT; the group's privacy level (private or public) is a separate per-group setting that the owner chooses at creation and can change later. He invites his HR team to join. Over time, the group grows. Members add other members, both internal employees and external guests. The group owner changes. Part-time contractors join, but their access is never revoked when their contracts end. The privacy setting is unintentionally changed from private to public, allowing anybody in the org to view the group's content and join.
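Because every one of those changes happens gradually, the practical control is to snapshot group state on a schedule and diff it. The following is an added example, not BetterCloud's code: it compares two constructed snapshots of the HR group, which borrow only the visibility, mail and userType field names from Microsoft Graph's group and user resources, and reports the privacy flip, the owner handoff, newly added guests, and contractors whose end date has passed but who are still members. The snapshot layout, the contractor end-date registry, the addresses, and the audit date are assumptions.

```python
"""Detect drift in an Office 365 group between two snapshots.

Added example, not BetterCloud's code. Both snapshots are constructed and
borrow only field names (visibility, mail, userType) from Microsoft Graph's
group and user resources; the owners/members layout, the contractor
end-date registry, and the audit date are assumptions.
"""
from datetime import date

TODAY = date(2020, 1, 15)  # assumption: the day the audit runs

GROUP_BEFORE = {
    "id": "g-hr", "displayName": "HR", "visibility": "Private",
    "owners": ["hr.director@example.com"],
    "members": [
        {"mail": "hr.director@example.com", "userType": "Member"},
        {"mail": "hr1@example.com", "userType": "Member"},
    ],
}

GROUP_AFTER = {
    "id": "g-hr", "displayName": "HR", "visibility": "Public",
    "owners": ["hr1@example.com"],
    "members": [
        {"mail": "hr.director@example.com", "userType": "Member"},
        {"mail": "hr1@example.com", "userType": "Member"},
        {"mail": "hr2@example.com", "userType": "Member"},
        {"mail": "temp@staffing.example.net", "userType": "Guest"},
        {"mail": "payroll@vendor.example.org", "userType": "Guest"},
    ],
}

# Assumed contractor registry: guest address -> contract end date.
CONTRACT_END = {"temp@staffing.example.net": date(2019, 12, 31)}


def diff_group(before, after, contract_end, today):
    """Findings are tuples whose first element names the kind of drift."""
    findings = []
    if before["visibility"] != after["visibility"]:
        findings.append(("visibility_changed", before["visibility"], after["visibility"]))
    old_owners, new_owners = set(before["owners"]), set(after["owners"])
    if old_owners != new_owners:
        findings.append(("owners_changed", sorted(old_owners - new_owners), sorted(new_owners - old_owners)))
    if not new_owners:
        findings.append(("ownerless", after["displayName"]))
    old_members = {m["mail"] for m in before["members"]}
    for member in after["members"]:
        mail = member["mail"]
        if member.get("userType") == "Guest" and mail not in old_members:
            findings.append(("guest_added", mail))
        end = contract_end.get(mail)
        if end is not None and end < today:
            findings.append(("contract_expired_still_member", mail, end.isoformat()))
    return findings


def exposure_widened(findings):
    """True when the group's content became reachable by more people: it went
    public, gained an external guest, or kept a contractor past their end date."""
    for finding in findings:
        kind = finding[0]
        if kind == "visibility_changed" and finding[2] == "Public":
            return True
        if kind in ("guest_added", "contract_expired_still_member"):
            return True
    return False


def run_audit():
    return diff_group(GROUP_BEFORE, GROUP_AFTER, CONTRACT_END, TODAY)


if __name__ == "__main__":
    for finding in run_audit():
        print(finding)
    print("exposure widened:", exposure_widened(run_audit()))
```

An owner change on its own is not an exposure, but it matters for this group because the new owner is now the only person who can fix the other findings, and nobody told them the group holds HR data. The ownerless case is included because a group whose last owner leaves the company keeps its members and its content with nobody able to tighten either.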

These are just three examples, but interactions create a never-ending sprawl that spreads to just about every crevice in the digital workplace. So long as employees use SaaS applications to collaborate and get work done, the sprawl will continue growing.

In our next blog post, we’ll discuss how to classify interactions for SaaSOps security.

Looking for more SaaSOps info? Check out www.bettercloud.com/saasops/ for in-depth webinars, books, success stories from SaaSOps practitioners, and more.

To learn more about how BetterCloud can help you manage and secure your SaaS applications, request a demo.
