March 12, 2024 Next DLP Brings Shadow SaaS Into The Light

Reveal SaaS Access Security transforms unseen risks into proactive cloud data security measures.

Next DLP (“Next”), a leader in insider risk and data protection, today announced the launch of Reveal SaaS Access Security to its industry-leading Reveal Platform. This new functionality marks a significant advancement in addressing the pervasive challenges of shadow software-as-a-service (SaaS) usage and the associated risks of sensitive data exposure in today’s digital-first business environments.

Due to the lack of visibility and control, shadow SaaS heightens the chance of data leakage and compliance violations as employees may inadvertently leak confidential data through unapproved cloud applications. Risk is further amplified with the use of non-corporate or corporate credentials that are then easily susceptible to compromise. As organizations embrace web applications, including generative AI tools like ChatGPT, there is a pressing need to gain comprehensive insights into web app usage to proactively manage and mitigate data exposure risks.

A study conducted by Next in January 2024 unveiled a multifaceted security challenge with SaaS applications. Insiders transferring data to personal online storage accounted for over 17% of detected exfiltration activities. Additionally, the widespread use of messaging services (such as WhatsApp, Signal and Facebook) and PDF conversion platforms was prevalent among users, bringing further focus to potential security vulnerabilities. These findings further highlight the need for this new capability, providing organizations with a holistic view of SaaS application use, whether sanctioned, unsanctioned, or unknown, as well as identity-based risk.

Key features of Reveal SaaS Access Security include:

• Holistic Visibility: A centralized dashboard and inventory offering detailed insights into SaaS app usage, empowering organizations to identify and manage sanctioned and unsanctioned web apps, including emerging generative AI applications, and logins through both corporate and personal accounts.
• Proactive Data Exposure Monitoring: Continuous monitoring of data transfers within SaaS applications facilitates the early detection of data exposure risks, protecting proprietary company information and intellectual property.
• Real-time Risk Mitigation: Real-time controls, including employee education, to prevent data exfiltration attempts within both sanctioned and unsanctioned apps enhances the organization’s ability to respond swiftly to potential incidents.

Subscribe to Industry Today