SaaS applications have provided tremendous value to end users due to
their easy setup and collaboration capabilities.
However, because the typical SaaS environment is invisible to network administrators,
enterprise security tools designed to protect internal data centers, servers and
workstations can’t effectively protect SaaS applications or prevent data
leakage. Securing SaaS applications largely includes classifying different
groupings of applications in order to understand what they are doing and
how to control them, as well as setting zones of trust to control access.
The goal for your SaaS security implementation should be to end up with
a set of well-defined and enforced application and usage policies for
sanctioned, tolerated and unsanctioned SaaS applications and to protect
the data they house.
Some of the challenges in securing SaaS applications include: handling end users
who sign up for cloud applications without the approval or governance of IT
departments, monitoring and/or blocking the use of unsanctioned applications,
and a lack of visibility into data residing in the cloud.