We Agree, Microsoft – SaaS Apps Need to be Secured Too

February 20, 2015
By Naveed Makhani

In his blog post Architecture Matters: Protecting Data in a Mobile First, Cloud First World, Microsoft’s Brad Anderson argues that “the trend of moving to cloud-hosted services is real and it is accelerating,” yet many enterprise management vendors are overlooking the growing need to secure usage of these services. He further notes that “a combination of on-premises and SaaS apps is the future for most organizations.”

We at Moka5 completely agree with Brad’s and Microsoft’s perspective and so we put together a few additional points to consider when thinking through your approach to securing usage of web-based services both on-premises and in the cloud.

- While Brad’s post focuses on the approach Microsoft is taking to secure usage of SaaS services on mobile devices, web-based services such as Salesforce, Box, SharePoint and Office 365 can be accessed from any device with a browser, so you’ll need an approach that covers Windows and Mac laptops and desktops too.

- In a world in which sensitive enterprise data can be accessed freely from any device, managed or unmanaged, consider how you will protect enterprise data that is accessed from and stored by the user on unmanaged assets (e.g., a cyber café PC, home PC, etc). Data-centric (as opposed to device-centric) application of endpoint security controls such as encryption and remote wipe may be required to mitigate regulatory and compliance risk.

- A thick-client Windows application distributed by the enterprise ties a user to a company-managed Windows machine, but a SaaS app frees a user to access the application from any device with a browser, which can be a productivity multiplier. In the quest to secure usage of web-based cloud services, it’s important to preserve the user experience and productivity benefits of these platform-independent services while securely enabling their usage. Look for solutions that balance this security vs. usability challenge by giving users the flexibility to use the right device at the right time, while providing unintrusive, lightweight enterprise security controls to prevent data leakage.

Comments are closed.