SaaS Application Hosting Characteristics

View the detailed risk profile and usage statistics for the SaaS applications on your network based on sanction state and hosting characteristics in App-ID.
You can now identify, assess, and reduce risks related to SaaS applications with unfavorable hosting characteristics by leveraging the enhanced ACC filters in App-ID. To help you determine which applications you should allow in your environment, five new application hosting characteristics are now available: data breaches, poor terms of service, no certifications, poor financial viability, and IP-based access restrictions. You can use these application characteristics to gain visibility, control and the information you need to make informed decisions about the apps on your network, and define actions to eliminate risks or prevent future violations.
The enhanced ACC filters allow you to view the detailed risk profiles and usage statistics for the SaaS applications on your network based on the following hosting characteristics:
| SaaS Application Characteristic | Description |
| --- | --- |
| Data Breaches | It is important for you to know if the SaaS application has ever had an intentional or unintentional release of secure information to an untrusted environment without proper information security precautions. Data loss and exfiltration are possible risks when you use SaaS applications that do not disclose breaches or that have been breached within the past three years. |
| Poor Terms of Service | Applications with poor terms of service, such as termination of service at any time for any reason or making your sensitive data public for non-payment, can make your enterprise vulnerable to loss of intellectual property or data, or to nonavailability of service. |
| No Certifications | Certifications can help you verify whether an application has gone through certain basic security precautions that have been validated and officially recorded by a certification party. Most certifications are not a one-time evaluation and provide you the assurance that the security of the application is periodically evaluated. Applications are checked for compliance with industry certifications such as SOC1, SOC2, SSAE16, PCI, HIPAA, FINRAA, or FEDRAMP. |
| Poor Financial Viability | If the application vendor goes out of business, the liquidation activities can have a serious impact on your enterprise. For example, during liquidation the customer data is considered an asset and sold, potentially exposing your IP and losing the data to the liquidator. This characteristic checks for applications with the potential to be out of business within the next 18 to 24 months and reports the applications with poor financial viability. |
| IP-based Restrictions | An application without IP-based restrictions lacks the ability to restrict end-user access from outside of the corporate network, and can expose your enterprise data to end-users outside of your known enterprise IP range (such as a corporate campus). |
The data for the IP-based Restrictions characteristic is available to view in the Network Activity graphs and for generating a custom report.
For ease of use, the applications with unfavorable hosting characteristics are displayed automatically in the predefined Application Usage Report.
The application usage report displays in a new window, so your browser must allow pop-ups. If the preview window does not open, refer to your browser documentation for the steps to enable pop-ups.
Applications with Risky Characteristics appears on page 2 of the report.
For a more tailored view, you can also use the characteristics to build a custom report.
