It’s Easier Than You Think: Gaining Visibility Into SaaS Apps To Secure Your Data

March 2, 2022
Download Case Study

{{consumer="/components/cta/consumer"}}

2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE)

Lookout has been named a Visionary in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE). We also also scored among the top three solutions in the 2022 Gartner Critical Capabilities for SSE.

Download SSE MQ

Software-as-a-Service (SaaS) apps have become essential to how most of us run our organizations and stay productive — especially over the last two years. On any given day, you’re likely messaging colleagues using Slack or Teams, sharing files with partners from Google Drive or Microsoft SharePoint, or working in Workday or Salesforce to perform an HR- or sales-related business process.

But productivity improvements created by SaaS apps have also created new data security challenges for organizations. As employees continue to work remotely, they’re using untrusted networks and unmanaged devices that bypass the traditional security controls we have used to protect our organizations.

Below are key questions that we sought to address and they are good to use for your organization as well.

Would you know if…

  1. a user’s credentials are compromised and used to access SaaS apps and data?
  2. someone accidentally shares sensitive information to an unauthorized party?
  3. a user downloads data to an unmanaged personal device?

For many organizations, the answers are likely “no” to one, two or all three. Traditional perimeter-based tools simply aren’t built to secure data in the cloud environment. This is why Lookout deploys our own Security Service Edge (SSE) solution to secure data in our SaaS apps. You should check out my Q&A with our head of IT to learn more about our journey deploying SSE and what we’ve learned.

You can’t protect what you cannot see

In our own digital transformation process, we’ve come to a rather obvious conclusion: you can’t protect your data if you don’t know how your SaaS apps are being used. Before even thinking about reducing risks and complying with regulations, you need timely and actionable intelligence.

But how do you get that visibility? This is where the Lookout Cloud Security Access Broker (CASB) becomes quite useful. The non-intrusive API-deployment mode enables it to be working within minutes with no impact to your apps. Once deployed, it gives IT teams visibility into some of the most business critical apps such as Microsoft 365, Google Workspace, Slack, Box, Salesforce and ServiceNow.

What we learned within 90 minutes of deploying the Lookout CASB

Our CASB’s API mode has been tuned to integrate seamlessly with some of the most popular SaaS apps, which means we can see live data in the Lookout console within 10 minutes of setting up the connection. Within 90 minutes, we have enough telemetry from users, apps and data to spot anomalies and actionable insights needed to secure data.

Actionable information into your SaaS apps 

Before implementing new security policies, we first need to understand what’s going on. Within minutes of connecting to a SaaS app, the Lookout dashboards begin sorting telemetry from data usage and user behavior to make it easy for security administrators to digest it and take action. 

To help quantify threats and policy violations, we sort the information into three main categories: 

  • Cloud service type, such as SharePoint and Exchange within Microsoft 365
  • Activity type, such as user login and file sharing events
  • Location data, such as where data and users are geographically located
Here are the various dashboards that the Lookout CASB displays, each summarizing information such as the type of cloud service, user activity and geolocation.

In-depth insights enable new security policies 

In addition to categorizing SaaS activities, the Lookout CASB also automatically detects potentially high-risk incidents. With these in-depth insights, security teams have all the information needed to write robust policies. 

To help organizations quickly implement new policies, we provide compliance and security templates that make policy writing easy. We also enable administrators to set up automation rules, such as recurring scans, so they can conduct investigations without sifting through massive amounts of data.

Here are some of the information in the Lookout console Insights Investigate dashboard that can be used to build custom policies:

  • Malware detections, such as ransomware.
  • Geolocation anomalies, such as a user being in two different locations.
  • Login violations, such as single sign-on or authentication issues.
  • DLP violations, such as attempting to make changes to data without authorization.
  • DRM violations, such as downloading sensitive data.
  • External shares, such as sharing restricted data with unauthorized users.
The Insights Investigate dashboard in the Lookout console automatically groups incidents by type, enabling security teams to cut through the noise and focus on legitimate threats.

Securing data in SaaS apps can be easy get your free assessment today

Here at Lookout, we understand how powerful our solutions are. We are recognized as a Visionary in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE). Our CASB is also a Major Player in the 2021 IDC MarketScape for Cloud Security Gateway.  

But we also know how daunting it can be to try and protect SaaS apps because we’ve been there. It’s difficult to assess the validity of a product based on some words on a blog. This is why I would like to invite you to see our solution in action. 

We’ve created a SaaS Risk Assessment program where our security expert will set up Lookout CASB with an app of your choosing. Within 90 minutes, you’ll be able to see security issues and actionable insights into your most business critical apps.

Discover how Lookout can protect your data