What is SaaS?
SaaS applications provide tremendous value to end users. One of the three main cloud computing categories alongside infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS), software-as-a-service (SaaS) is a web-based software distribution model in which a third-party provider hosts applications that it makes available to customers over the internet. The software vendor hosts and maintains the servers, databases and code that constitute an application.
SaaS applications are available for foundational business needs, including email, customer relationship management, billing, sales management and collaboration, among others. Pricing is typically based on annual or monthly subscriptions, accounting for the software license, support and most other monetary costs. Popular SaaS apps include Office 365®, Box, G Suite®, Amazon Web Services (AWS®) and Salesforce®, among others. Providers often integrate with each other to augment productivity for customers. For example, a provider that offers an email application might store attachments in another provider’s cloud-based file storage.
The Value of SaaS - and Some of the Security Concerns
The economics of SaaS – and cloud computing in general – empower enterprises. SaaS offers easy setup and collaboration capabilities that change the way organizations do business, allowing employees to access the tools they need to effectively do their jobs and essentially putting enterprise customers back in control of IT spending.
However, while incredibly useful for driving business productivity, exponential growth in SaaS application usage brings with it security concerns much like those organizations face in traditional on-premises network infrastructure. For example, Microsoft OneDrive® or SharePoint® let users easily store and share files, but they create opportunities for accidental shares when users unintentionally send access to the wrong people.
Similarly, applications like Exchange and Salesforce easily store important, structured data for users, but these, too, are open to accidental data exposure or threat insertion risks and often act as entry points for malware, which can spread over time. For example, if a sales representative uploads an infected invoice document to Salesforce, a sales operations person who downloads the file will also become infected, and so on.
Reducing this type of risk in SaaS applications, where organizations’ most sensitive data often resides, is key to securing the enterprise IT infrastructures of the future. As a result, governance and protection of this data has catapulted to the top of CISOs’ priority lists.
The Continued Evolution of SaaS Security – Enter SASE
Businesses have become increasingly concerned about the volume and sensitivity of data being transferred, stored and shared within SaaS environments beyond their visibility and control. As a result, a new approach to security has emerged, which Gartner calls the secure access service edge (SASE; pronounced “sassy”). A SASE is a single, cloud-delivered solution that combines networking (WAN, VPN, ZTNA) and network security services (FWaaS, CASB, DNS, DLP). A SASE architecture identifies users and devices, applies policy-based security, and delivers secure access to the appropriate application or data, allowing organizations to apply secure access no matter where their users, applications or devices are located.
A SASE solution provides organizations with many benefits:
- Protection from threats across many thresholds: advanced threats, data loss, data theft and malware
- Reduced complexity and cost of deployment
- Complete visibility, access and control over the entire network
As organizations look to provide better protection for their data and users, SASE can offer a simplified solution rather than investing in multiple point products to fix separate issues. Learn more about what a SASE solution entails in our 10 Tenets of an Effective SASE Solution e-book.