How to Automate File Security in a SaaS Management Platform

SaaS applications for file sharing—Google Workspace, Box, Dropbox, OneDrive, and more—have made collaborating easier than ever. Remote employees can connect via shared files across time zones around the world, driving new levels of productivity and innovation. However, the way these applications were designed makes data protection a real challenge for IT admins and security teams. 

Why makes these file sharing SaaS apps so risky? SaaS vendors boost their bottom line by maximizing usage and engagement. To do that, they make creating sharing files as easy and simple as possible. 

With many SaaS applications, it is very easy to create a document, add in sensitive or proprietary data, and share it—all in just a few seconds. However, the minute the wrong information is shared with the wrong person, you have a data breach on your hands.

With SaaS apps and security policies working at cross purposes, what can security teams do? Without the right tool, your options are not great. You could tell everyone to stop using Google Docs and other file sharing apps. Besides grinding productivity to a halt, you’d probably become the most hated member of your company. Or, you could do nothing, cross your fingers, and hope that no employee ever makes a file sharing mistake.

With a SaaS management platform (SMP), you get a much better third option: automated SaaS file security. In this blog we’ll discuss why and how you should use an SMP to uncover improperly shared files, locate sensitive data, and use workflows to automatically fix file sharing actions that violate your security policies.

In this article, you will learn:

• Why you need a SaaS management platform to locate shared files and sensitive data
• How to automate SaaS file security with alert-based workflows
• How to use zero-touch automation to monitor and protect sensitive SaaS data

The best part of using an SMP to automate file security is its flexibility. Using alert-based workflows, you can adjust the actions you take and the order you take them in, based on the level of risk. But before you can set an SMP to take any automated actions, you first need to locate the file security risks in your SaaS environment.

Why you need a SaaS management platform to locate shared files and sensitive data

Before you set up security automation workflows, you first need to know where sensitive and proprietary data is located in your SaaS environment. File sharing SaaS apps, including Google Workspace or Office 365, do not have the capability to do this natively, especially across all users in your environment. This is why an SMP is an essential tool for data protection.

When you first set up a SaaS management platform, you should perform a series of one-time content scans to get a snapshot of your current SaaS environment. You can view the results in a single grid view that shows the name of the file, who created the file, and more. If you use Google Workspace, you can even run a file oversharing report in an SMP like BetterCloud to uncover risky trends in your SaaS environment.

The results of these scans never fail to surprise new BetterCloud customers. The sheer volume of files being created every day by employees can be massive. Over 67 million shared files are currently being monitored on the BetterCloud platform today. 

Of those files, many contain sensitive or proprietary data. For example, over 250,000 files have been uncovered by BetterCloud customers that have the word “password” in the title. The risk of a data breach grows with every new employee that joins your company.

To take a closer look at the risk posed by today’s typical set of “best in breed” SaaS applications, check out the video below. You will also learn how the capabilities of an SMP allow you implement a number of security controls that don’t impact productivity.

How to automate SaaS file security with alert-based workflows

The great thing about the way an SMP approaches security is its flexibility. You don’t want to implement security controls that are so restrictive it keeps users from being productive. However, you want a solution that does more than just send your security teams endless alerts and notifications—and the only remediation available is to take action manually.

With alert-based security automation, you can strike the right balance of data protection and productivity. Let’s say a new employee creates a file of credit card numbers he uses for different vendors for procurement. Then, he takes that file and shares it with his personal email address so he can have access when is working at home. Or worse, he simply shares the file directly with a vendor.

With BetterCloud, you can set up an alert that notifies IT whenever a file contains a sequence of digits similar to a credit card number. Depending on your security policy, you can create a workflow that automatically takes action as soon as the file is detected. These actions can include:

• Sending an email to the user letting them know their actions are risky
• Alerting IT via Slack
• Sending an email to the user’s manager
• Unsharing the file
• Waiting a certain amount of time between actions, from 30 minutes to 30 days

One way to set this up would be to have a workflow immediately unshare the file and notify the user. This would be a good approach if the data is potentially very sensitive, such as credit card numbers or social security numbers.

If the data found pose a lower risk, you could instead have the security automation workflow simply notify IT, the user, and their manager. Then, a manager or member of the IT team could follow up to learn more about the situation before further actions were taken.

How to use zero-touch automation to monitor and protect sensitive SaaS data

The best part about these workflows is that they don’t require IT or security teams to do anything manually—unless you choose for an IT follow-up to be part of the remediation process. 

Once you have completed your one-time scans and audits, you can “set and forget” go-forward policies that continuously monitor and scan your SaaS environment. When a scan detects a file or data security issue, you can create security automation workflows that unshare the file, email the file’s creator, and more. 

This way, your SaaS environment becomes “self-healing” over time. Users learn to take less risky actions, files get unshared without any IT involvement, and your SaaS security posture improves.

To take a “peek under the hood” to see how to use BetterCloud to uncover and automatically remediate file security issues in your environment, we invite you to check out the video below.

Unlike security point solutions like CASBs, a SaaS management platform gives you the flexibility to secure your SaaS environment without impacting productivity. You also gain the ability to add security automation to your data protection toolkit, enabling security teams to save time and take action without any IT involvement. 

To further improve your security posture, an SMP’s security automation features can be used to enforce a least privileged access model. You can set up real-time alerts to notify you when too many admin accounts have been added to any given SaaS app. 

If you really want to keep the number of admins of a particular SaaS app to a minimum, you can even create a workflow that automatically stops new accounts from being created. Automated security workflows are a flexible, intelligent way for IT teams to enforce security controls and policies. 

To learn more about how an SMP can automate file security, least privileged access, and more, schedule a demo today.