· Difficulties in controlling app security risks
Many companies use SaaS apps in their work more and more often, especially when their employees must work remotely. This is when they hit a problem: it is necessary to adjust security settings correctly for each app considering their configurations. As there are many such apps, security departments are forced to do major volumes of work and are not always maximally efficient.
· Low level of knowledge in cybersecurity rules by privileged users
Employees who do not follow cybersecurity rules and have expanded access put confidential information at the threat of being hacked and increase the risk of it being revealed. And because SaaS use continues to grow, there appears the necessity for control of employees’ access to apps.
· Phishing via SaaS
Criminals attack companies’ email via SaaS using the following scheme:
– Criminals send an email with OAuth app.
– An employee follows the link and logs in to their account.
– The app requests access to emails.
– The employee accepts the request.
– OAuth token is created, which is subsequently used by the cybercriminal to gain access to and control email or the whole disc.
– The criminal encodes the disc and the user can get access to it back only after they have paid ransom.
This is how ransomware works. Other types of cyberattacks can be organized using OAuth app as well.
Having installed special apps for protection against cyberattacks or using cloud services companies can protect themselves from such cyberattacks and identify changes in cybersecurity settings and SaaS apps in timely manner.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.