Skip to content

SaaS Data Security Report 2021: Top Risks in File Security

Natalie Robb, BetterCloud

June 30, 2021

4 minute read

DataSecurityReport2021 FeatureImage

We’re thrilled to announce the release of our SaaS Data Security Report 2021: Top Risks in File Security report.

In 2020, remote work became widespread, speeding digital transformation and SaaS adoption. And with the rise of SaaS, employees expect to collaborate and share files in order to do their jobs. This rapid realignment means that file security has never been more important.

To understand SaaS file security today, we surveyed more than 500 IT and security professionals and examined internal BetterCloud data from thousands of organizations and users—all to understand top challenges, concerns, and the magnitude of data loss and sensitive information leakage.

Here’s an excerpt from our report.

6 key findings

  1. Lack of visibility into SaaS data plagues IT: Nearly half of organizations say their top security concern is not knowing where sensitive data lives.
  2. Well-meaning but negligent users are the biggest data loss risk: More than 70% of organizations say the biggest data loss risk is the well-meaning but negligent employee.
  3. IT doesn’t trust users with company data: Only 35% of respondents trust end users to responsibly share and store company data.
  4. Securing user actions within SaaS apps is hard: Nearly half of respondents say they have difficulty securing users’ activities within SaaS apps.
  5. SaaS file security violations are out of control: This year, as the world reopened for business, file security violations have spiked 134%, and the types of violations are rampant throughout the organization.
  6. Organizations are rapidly adopting SMPs to solve SaaS file security challenges: 55% of organizations plan to use SMPs within the next 12 months.

In the past year, IT has experienced security policy violations, sensitive data exposure, and more

SaaS file security experiences

2020 shifted IT priorities more quickly
than ever before. As users moved to home offices, security took center stage.

And for good reasons:

More than half of very large organizations reported security policy violations in the past 12 months.

Additionally, nearly a third reported that users publicly shared sensitive data. Finally, 20% had compliance-related penalties, legal fees, or fines.

It all gives rise to the new importance of file security.

 

Lack of visibility into SaaS data plagues IT

SaaS security concern chart

Security concerns mirror this reality.

At the top of the list?

Nearly half of respondents report that they’re plagued by not knowing where sensitive data exists across their data sprawl.

Very large organizations, in particular, are concerned with insider threats. Meanwhile, large organizations are concerned about sensitive files being shared publicly.

Concerns around excessive admin privileges also ranked high on the list. While implementing a least privilege model is best practice, admin privileges can be difficult to right size, especially within SaaS apps.

 

Well-meaning but negligent users pose the biggest data loss risk

SaaS file security chart data loss

The biggest data loss risk is the well-meaning but negligent employee.

These employees have good intentions and are just trying to do their jobs, but often lack the training or knowledge to keep sensitive information safe. Negligent employees are by far the biggest threat for organizations of all sizes. However, it’s somewhat less of a concern for very large organizations, which likely trade productivity for security with the use of CASBs.

Securing users’ activities within SaaS apps is difficult

SaaS file security difficulty

About half of respondents say they have difficulty securing users’ activities—and that includes file sharing—within SaaS apps. That’s not surprising, given how much employees can do within SaaS apps: everything from sharing data, downloading, exporting, editing, forwarding, deleting, and so on.

When it comes to SaaS file security, you can’t secure what you can’t see. So for organizations looking for the starting point: it’s visibility into the entire SaaS environment. This includes all users, all files, and all applications. Organizations with superior visibility are best poised to implement processes, policies, and automation to easily safeguard corporate data assets.

 

A dramatic rise in file security violations as the world re-opens for business

SaaS file security violations

As life “returns to normal” and the world re-opens for business, file violations have spiked. An analysis of internal data from nearly 2,000 BetterCloud customers revealed a whopping 134% increase in the average number of file security violations from March 2021 to June 2021. With the rush to remote work, 2020 brought new SaaS file security requirements and user collaboration needs, as well as challenges for organizations of all kinds. It’s a salient reminder: As IT enables and empowers their organizations through the power of SaaS tools, they must also secure data in a way that maximizes user collaboration and productivity.

Download the full report to learn:

  • How Google Workspace vs. Microsoft 365 users differ in end user trust and SaaS security difficulties
  • The average number of file security violations per organization
  • The tech stack commonly used to secure files
  • Industry benchmarks for file sharing settings
  • Recommended best practices to protect your SaaS data

To learn more about how BetterCloud can discover, manage, and secure your SaaS environment, request a demo.