Almost half of information security leaders believe that if a significant breach happens to their organization, an end user will be at fault, according to a Dark Reading survey released in late 2021.
The survey results confirm a long-held belief in security circles: End users who unknowingly break security policy or act negligently provide the greatest threat to enterprise security.
While this belief comes from years of data and observations, it may also be nearing a tipping point. The growth of monitoring and remediation tools, and new ways of thinking about security is creating a new paradigm where end users go from a liability to a strength.
The new security team
An organization’s information security traditionally fell to specific job titles. In some cases, this may be a simple IT administrator for many smaller organizations, while larger organizations may have a full dedicated team.
Organizations today utilize hundreds of SaaS applications. In today’s work environment, nearly everyone from the CEO down to summer interns uses SaaS applications and can start to play a more prominent role in defense.
Today’s new security structure leverages all levels of an organization. Let’s look at each in more detail:
The C-Suite: Leadership sets the tone for the organization, and a company’s top brass must understand the risks that technology can bring. To improve security posture, the C-Suite must allocate company resources, including personnel, defensive technologies and company-wide training time.
Security Personnel: The defensive experts, the security team, should look to create an automated defensive system that can remediate security alerts, manage upgrades and routine security incidents that occur. It is important that security members should be free to focus on more significant security initiatives and strategic planning without becoming overburdened in the day-to-day.
Employees: The primary users of SaaS solutions, the employees, need to have access to remediation technologies. During their typical work day, they could identify and automatically fix any suspicious behavior. Innovative security solutions continue to give this power to employees and are something organizations can explore to bolster defense in SaaS-heavy environments.
SaaS security platforms: While not a personnel group, an enterprise’s security software cannot be underestimated. As SaaS applications continue to grow, organizations need to leverage solutions that provide visibility into employee SaaS use and automatically remediate all the security issues that they find.
Employees can take a more substantial stake in helping an organization defend applications. That’s not to say all staff must become security experts, but they should understand how to recognize a threat and have the tools to mitigate it quickly.
Leveraging employees in this manner empowers them to help ensure the security of the organization. After all, employees use these SaaS applications throughout their daily workflow. As a result, they can quickly see if something seems amiss with the tools they commonly use.
These additional eyes can provide a valuable early warning system. Modern security tools can make employees active defense members, not just bystanders. They can become involved in solving problems, identifying vulnerabilities or sharing abnormal behavior, which improves an organization’s security posture.
Time for a change
The development and increased use of SaaS solutions have created a new status quo for business operations. The days of static systems living on a desktop or a local server will soon no longer exist. As a result, organizations need to leave the security practices used to protect these tools in the past. Instead, leaders must see how this shift in how employees use technology requires new solutions and strategies to find success.
Today, employees better understand organizational security challenges, and many grew up as digital natives accustomed to working online and interacting with connected technologies. Therefore, leaders should aim to empower their employees to become part of the security process and an active part of the defense. This does not mean security teams lose control over security solutions, on the contrary – security teams should always have the upper hand with full visibility and control over all security processes. But the mundane daily work of revoking tokens, permissions or shared data can be lifted off their busy shoulders and transferred to the capable hands of the users who best know the business context of the apps they chose to use.