December 9th 2013
Software-as-a-Service (SaaS) applications can provide a lot of utility to businesses by enabling them to greatly streamline operational efficiency. However, apps have become so commonplace that many employees don't think twice before leveraging them. This can lead to unauthorized apps being used in the workplace, which can have a variety of negative effects – most notably, opening organizations up to cyber security threats.
McAfee recently released a new study that found as many as 80 percent of survey respondents use non-approved SaaS applications to make their jobs easier. While these unauthorized apps may be more familiar or seem more intuitive to employees, they can create gaps in cybersecurity protocols that hackers could use to access critical company assets. According to the report, the top unauthorized apps are Microsoft Office 365 (9 percent), Zoho (8 percent), LinkedIn (7 percent) and Facebook (7 percent).
Illustrating the dangers of unauthorized app usage, is the fact that as many as 15 percent of respondents experienced a security, access or liability event while leveraging these tools. The report also found that ease-of-use was a critical factor for using unauthorized apps, with 18 percent agreeing with the sentiment that IT restrictions make their jobs more difficult.
"There are risks associated with non-sanctioned SaaS subscriptions infiltrating the corporation, particularly related to security, compliance and availability," said Lynda Stadtmueller, program director of the Cloud Computing analysis service within Stratecast. "Without appropriate knowledge, non-technical employees may choose SaaS providers or configurations that do not measure up to corporate standards for data protection and encryption."
"They may not realize that their use of such applications may violate regulations concerning handling and storage of private customer data, leaving the company liable for breaches," Stadtmueller added.
The ever-present threat of cybersecurity
Several reports have suggested that cyberattacks are not only occurring with greater frequency, they're also costing companies more money to deal with. Unauthorized app usage only serves as a way to open the gate to cyber criminals, which can jeopardize organizations' financial accounts, customer databases, intellectual property and other critical assets.
Businesses need to ensure that employees – particularly high-ranking executives – are using secure devices to prevent security gaps from being capitalized on and data falling into the hands of the wrong individuals. Careful monitoring and following adequate cybersecurity best practices can go a long way in that regard.