Nearly half of information security managers believe that if a material breach occurs in their organization, an end user will be at fault, according to a Dark Reading survey released in late 2021.
The survey results confirm a long-held belief in security circles that end users who unknowingly violate security policy or act negligently pose the greatest threat to enterprise security.
While this belief stems from years of data and observations, it could also be approaching a tipping point. The growth of monitoring and remediation tools and new ways of thinking about security are creating a new paradigm where end users are moving from a liability to a strength.
The new security team
An organization’s information security has traditionally been the responsibility of specific job titles. For many small organizations this may be a single IT admin, while larger organizations may have a fully dedicated team.
Organizations today use hundreds of SaaS applications. In today’s work environment, almost everyone from CEOs to summer interns is using SaaS applications and can start playing a bigger role in defense.
Today’s new security structure leverages all levels of an organization. Let’s look at each in more detail:
- The C-Suite: Leadership sets the tone for the organization, and a company’s top brass must understand the risks that technology can bring. To improve the security posture, the C-Suite must allocate enterprise resources, including personnel, defensive technologies, and training time enterprise-wide.
- Security Staff: The security team, the organization’s defensive experts, should seek to create an automated defensive system that can remediate security alerts and handle upgrades and routine security incidents as they occur. It is important that security members are free to focus on more important security initiatives and strategic planning without being overburdened on a day-to-day basis.
- Employees: As the main users of SaaS solutions, employees must have access to remediation technologies. During their typical working day, they could automatically identify and correct any suspicious behavior. Innovative security solutions continue to empower employees and are something organizations can explore to bolster defense in SaaS environments.
- SaaS Security Platforms: While not a group of people, enterprise security software should not be underestimated. As SaaS applications continue to grow, companies need to take advantage of solutions that provide visibility into employees’ SaaS usage and automatically remediate any security issues they find.
Employees can play a bigger role in helping an organization defend itself. This doesn’t mean that all staff should become security experts, but they should understand how to recognize a threat and have the tools to mitigate it quickly.
Leveraging employees in this way allows them to help keep the organization safe. After all, employees use these SaaS applications throughout their daily workflow. As a result, they can quickly see if something is wrong with the tools they commonly use.
These extra eyes can provide a valuable early warning system. Modern security tools can make employees active members of the defense, not just bystanders. They may be involved in resolving issues, identifying vulnerabilities, or sharing abnormal behavior, which improves an organization’s security posture.
Time to change
The development and increased use of SaaS solutions has created a new status quo for business operations. The days of static systems living on a desktop or local server will soon be over. Therefore, organizations must abandon the security practices used to protect these tools in the past. Instead, leaders need to see how this shift in how employees use technology requires new solutions and strategies to succeed.
Employees today better understand organizational security challenges, and many have grown up as digital natives accustomed to working online and interacting with connected technologies. Therefore, leaders should aim to empower their employees to be part of the security process and play an active role in defense. This does not mean that security teams lose control of security solutions. On the contrary, security teams must always have the upper hand, with complete visibility and control over all security processes. But the mundane day-to-day work of revoking tokens, permissions, or shared data can be lifted off their busy shoulders and into the capable hands of users who know best the business context of the apps they’ve chosen to use.