Set It and Forget It: Using BetterCloud Workflows to Automate Your SaaS Security

The average workplace now relies on over 100 SaaS apps to keep their employees productive. For every benefit these apps provide, they also introduce just as much security risk. As employees communicate, collaborate, and create, they are leaving sensitive, business-critical company data in nearly every app they touch.

“As a security practitioner, one of the most difficult things about the migration to SaaS has been understanding what data I have, where they are, and who has access to it.”

Matt Svensson, Senior Security Engineer at BetterCloud

Perform One-Time Audits to Uncover and Remediate Existing Threats

By aggregating all of a company’s cloud storage files into a single view, BetterCloud gives IT teams much-needed visibility into where all of its data lives. Once a company’s files are aggregated, IT admins can use BetterCloud to perform one-time security audits to see how files are being shared and if they contain sensitive data. 

One-time audits are also useful when two company’s IT environments are merged. With BetterCloud, IT admins can quickly uncover threats in an incoming company’s files.

During these initial audits, many BetterCloud customers find employees that share their work files with their personal accounts in order to work on personal devices. One company discovered a shared document filled with credit card information that was being used to send payment information to outside vendors. 

In these instances, IT can use BetterCloud to remediate issues quickly by taking bulk actions, such as unsharing files and notifying file owners. If needed, you can transfer the ownership of the file to IT or a manager, or even permanently delete the file.

“Your users can put any data they want into these SaaS file storage applications and name it whatever they want. You can’t just look for ‘creditcards.txt’ to find all your credit cards. You have to look across all the files, inside each file, to see what is actually there. And you have to do this on an ongoing basis as the files change.”

Svensson

Use Workflows and Alerts to Automate Real-Time Data Protection

Once this “first pass” of security audits is complete, the next step is to set up BetterCloud to alert you and take action automatically whenever a policy is violated. For example, if an employee shares a file containing sensitive data publicly, BetterCloud can automatically unshare the file, and then notify IT and the file owner, protecting your company from a potential data leak.

During Altitude 2021, two BetterCloud experts hosted a 30-minute session that walks through best practices for automating file security, and how to use BetterCloud to: 

• use the Files Grid to see how cloud file storage documents have been shared,
• scan the contents of all these documents for sensitive company data,
• create new alerts from existing templates to notify you when policies have been violated in real time, 
• and then create workflows from these alerts to automatically take action to make sure your company’s files stay in compliance with your security policy.

Altitude 2021 was filled to the brim with in-depth sessions just like this one, from topics that range from custom integrations to kicking off automated workflows outside of IT. You can browse additional workshops and keynote videos in our Altitude 2021 resource library.