With the rapid shift to remote work in the past year, your users are likely relying on file sharing and SaaS collaboration features more than ever.
But it can be a mixed blessing. While SaaS is a boon to productivity, it also gives employees new levels of control over critical company assets. And with this new control comes new risks related to app misconfigurations, excessive permissions, and uncontrolled sharing.
When we analyzed aggregate data from our customer base of 1,500+ companies, we found data exposed across popular workplace apps Google Workspace, Box, Dropbox, Slack, Microsoft OneDrive, and more.
Out of the 3.4 billion files BetterCloud monitors, an average of 41,645 files are being shared publicly at organizations of up to 750 employees. At large enterprises with thousands—and in some cases tens of thousands—of employees, the number is a whopping 367,317 files.
Today organizations trust their SaaS apps to house their most sensitive business data. To that end, we found over 3 million credit card numbers and over 4.5 million Social Security numbers stored within these apps, to say nothing of passports, driver’s license numbers, and more.
To be sure, SaaS providers have robust security practices in place. But there’s a key difference: SaaS platforms only secure their applications. IT departments must secure how they’re used. And this means getting visibility into how files are being shared, where sensitive data lives, where it’s exposed, who’s doing the sharing, and more.
Because SaaS was designed to foster productivity, users have full control over how they share data and with whom. Default sharing settings can also be broad—for some organizations, too broad. The nuances of sharing settings can also be confusing, as they vary from app to app. As a result, it’s easy to expose data, whether it’s done deliberately or or accidentally. In most cases, it’s the latter. According to 62% of IT professionals, it’s the well-meaning but negligent end users who pose the biggest security threat.
This data highlights two things:
- The importance of end user training. It’s critical to invest in security awareness training and instill a culture of security that makes employees feel personal ownership
- The ongoing challenge of monitoring thousands of files and sharing settings across hundreds—or thousands—of SaaS applications, which will only compound as SaaS adoption rises. A SaaS management platform can help detect file sharing risks and remediate them.
In the SaaS-powered workplace, getting visibility into file security is more important than ever. Ultimately, you can’t protect what you can’t see.
For more information on file security, check out these resources:
- [Webinar] SaaS File Security
- [Ebook] The SaaS Explosion: Hidden Costs and Security Threats
- [Blog post] How SaaS Management Platforms Reduce Security Risk
To learn more about how BetterCloud can help secure your SaaS environment, request a demo.