SaaS Security: Gartner s 5 Tips For IT Pros #collaboration #apps


SaaS Security: Gartner’s 5 Tips For IT Pros

Cloud services present a major challenge to IT professionals charged with safeguarding their organizations. These 5 steps can help managers bridge the gaps in SaaS security.

7 Cyber-Security Skills In High Demand

(Click image for larger view and slideshow.)

IT managers trying to protect their businesses are challenged to apply the same corporate security tactics used in-house to their public cloud deployments, according to a new report from Gartner .

More organizations are moving to mobile and software-as-a-service (SaaS) applications as part of the digital transformation process, according to Gartner. This is a necessary step, but one that often leaves security gaps traditional IT solutions cannot fill.

In particular, IT managers face a major challenge in the large number of cloud applications procured without their knowledge — a practice known as Shadow IT. Many of these services lack sufficient enterprise controls, and security practitioners are unsure of how to secure them all.

“The heart of the issue is that most organizations are moving to a relatively large ecosystem of cloud service providers, rather than a monoculture,” said Gartner research VP Craig Lawson in a statement. The influx of cloud apps can do more harm than good.

“Creating and maintaining a security policy on a per-cloud-service basis is more than a chore when hundreds of cloud services are in use — it quickly becomes a high source of risk,” Lawson explained in the statement.

The trend has escalated to the point where the growth of cloud and mobile adoption has surpassed the control IT organizations have over their risk exposure. As a result, user behavior is a greater concern than vulnerabilities inherent to any cloud service provider.

Most businesses try to address the wrong SaaS risks, Gartner found. For example, IT managers are more likely to focus on provider security failure — which is relatively unlikely — than to address how they manage their own users and data.

When IT departments attempt to limit SaaS use within the enterprise, their efforts are often insufficient. They may cause users to find less secure alternatives. On top of this, their processes for buying SaaS products fail to meet the need for user, activity, and data controls.

Cloud vendors add to the IT challenge by not offering many assurances for their security features. Customers are left responsible for implementing native or third-party security measures. Many cloud services don’t offer security policy tools to span cloud services outside their own.

It’s critical for security practitioners to do everything they can to minimize the risk of SaaS security gaps within their organizations. These five steps, as recommended in Gartner’s report, can help security managers tighten cloud security and keep their organizations safe:

  • Leverage Cloud Access Security Brokers: These can help IT managers pinpoint unauthorized SaaS apps and help them decide whether the apps should be replaced. CASBs give managers a single control point to manage risk across a set of cloud services.
  • Recommend business-ready cloud services: Security standards will be better addressed by services that align with your organization’s specific technical needs.
  • Use third-party tools: Built-in tools and third-party services alike can boost the security of corporate data across cloud services and SaaS apps.
  • Support enterprise agility: Security pros can support enterprise agility by showing how IT can change as quickly as the business can.
  • Use threat protection: IT managers should launch the threat protection features of CASBs and Identity-as-a-Service (IDaaS) to cover cloud-based services that existing security solutions cannot access.

Have you faced challenges with cloud and SaaS security in your organization? Are these measures enough to help you mind the gaps? Are there other tips and tricks that have worked for you? Tell us about it all in the comments section below.

Kelly Sheridan is Associate Editor at Dark Reading. She started her career in business tech journalism at Insurance & Technology and most recently reported for InformationWeek, where she covered Microsoft and business IT. Sheridan earned her BA at Villanova University. View Full Bio

Litera – Document and Content Lifecycle Management Software – Litera #secure #collaboration


Documents are the currency of business; your content defines its value. Litéra’s content solutions protect reputation. manage risk and increase productivity. providing the control and mobility you need. We help you get the job done, on any device, anywhere.

  • Documents are the currency of business; your content defines its value. Litéra’s content solutions protect reputation. manage risk and increase productivity. providing the control and mobility you need. We help you get the job done, on any device, anywhere.

    Litéra offers you solutions to answer

    Inside Your Organization

    Where is the document? How many locations? How many versions? Which repository is the document in? When was it copied, sent, and to whom. What changes were made? Who approved the changes? How complete is the project? Who is holding up the project?

    Outside Your Organization

    Who has custody of the document? Can you revoke custody or deny access? Is the file encrypted to deter cyber hackers? Was an iPad left in a taxi? Will the document reach your competitor s inbox? Are you truly collaborating with partners. or just sharing files? Is the deal room secure?

  • What is Enterprise Collaboration Systems ECS? Webopedia Definition #enterprise #collaboration #systems #ecs


    Enterprise Collaboration Systems ECS

    Related Terms

    Abbreviated as ECS, E nterprise C ollaboration S ystems is a type of information system (IS ). ECS is a combination of groupware. tools, Internet. extranets and other networks needed to support enterprise -wide communications, such as the sharing of documents and knowledge to specific teams and individuals within the enterprise. Some examples of enterprise communication tools include e-mail. videoconferencing. collaborative document sharing, project management tools and others. The objective of an ECS is to provide each user with the tools for managing communications, documents and other information that individuals need to manage their own tasks efficiently in their departments.

    enterprise collaboration platform

    Enterprise Content Management

    Related Links



    Stay up to date on the latest developments in Internet terminology with a free weekly newsletter from Webopedia. Join to subscribe now.

    This chat guide lists more than 1,460 text message and online chat abbreviations to help you translate today’s texting lingo. Read More

    From keyword analysis to backlinks and Google search engine algorithm updates, our search engine optimization glossary lists 85 SEO terms you need. Read More

    Microsoft Windows is a family of operating systems for personal computers. In this article we look at the history of Microsoft operating. Read More

    Computer architecture provides an introduction to system design basics for most computer science students. Read More

    Networking fundamentals teaches the building blocks of modern network design. Learn different types of networks, concepts, architecture and. Read More

    Java is a high-level programming language. This guide describes the basics of Java, providing an overview of syntax, variables, data types and. Read More

    Document Collaboration and Editing Software #file #sharing, #document #collaboration, #document #comparison


    The fastest way
    to compare and
    review documents

    With tighter regulations around data protection and recent concerns over privacy issues, Professional enables Clyde Co to remain flexible to meet the needs of the attorneys, while retaining complete data control.

    Chris White
    Global CIO

    The ability to easily integrate into our Livelink meant we could take the additional benefits of Workshare such as efficient document comparison while allowing users to continue using the DMS they re familiar with.

    Alan Lee
    IT Manager

    It’s rare to find a product that works so well and meets the specific needs of our firm. Workshare allows us to make better use of our IT resources because it’s completely automated and doesn’t require any intervention from users.

    Chris Duncan
    IT Director

    We needed a highly secure platform that would allow our customers and consultants to access and collaborate on documents remotely.

    Workshare is simple to use and offers our members the opportunity to build personal relationships over a wide range of disciplines and regions with like-minded lawyers.

    Gary Yantin
    Managing Director

    With Professional 8 and Protect Server, we have met our lawyers’ needs for an easy-to-use application, and IT’s need for 360-degree protection.

    Anthony Graham Head of Information Systems

    Thomson Snell Passmore LLP

    Managing large volumes of documents and amendments from multiple authors, can become a serious cost issue when your document crashes and one of your lawyers spends 12 hours trying to fix it.

    Derek Brookes
    IT Director

    We looked at ShareFile and Dropbox, and decided to go for Workshare as we have a very long relationship with the company. We tested the application and it covered all our requirements and we went for it!

    The transition to Workshare was painless. The platform required very little training and on the few occasions that we have contacted Workshare s support line, we were very pleased with their quick and helpful responses.

    Nick Gaunt
    Chief Information and Knowledge Officer

    NHS Institute of Innovation and Improvement

    As part of our strategy to transition to SaaS, it was important that we found a supplier that could host our data and documents in the UK. Workshare gives us complete control, while still being simple to use.

    David Bennett
    Head of Information Systems

    We have given users the confidence that their documents don t contain any sensitive data. We ve improved the way we manage documents and expect to see a return on investment in less than a year.

    Workshare allows us to more effectively fulfil ECHR’s obligations as the world’s largest legal government agency with regards to the publication of legal documents.

    John Hunter
    Head of IT

    Workshare is much more than your standard sharing and collaboration platform. For Sandler, it has become an integral tool to help our clients develop themselves, improving client interactions and satisfaction.

    Luke Davies
    Managing Director

    With Workshare we have cut down our document review cycles by 50% and can share and compare confidential documents more efficiently.

    Eduardo Snape
    IT Director

    Galindo, Arias Lopez

    XWiki – The Advanced Open Source Enterprise and Application Wiki (me) #wiki,


    XWiki – The Advanced Open Source Enterprise and Application Wiki

    The Advanced Open Source Enterprise Wiki

    XWiki Projects

    XWiki Extensions

    This releases is mostly focused on usability improvements. It adds support for batch restore of deleted pages from the recycle bin. The content menu has received some polishing. The live notification system has been improved to group similar notification messages and to show notifications for page comments. The history of an extension page now includes a special revision that corresponds to the extension version so it is easier to “reset to factory defaults”. Finally, the Help Center and the Menu application are now part of the default XWiki distribution.

    As usual, this version also brings bug corrections. .

    USH use XWiki to manage their resources, which are organized by themes. Panels, tags and livetables are used for navigation. The advanced search capabilities with filters make it easy to find the appropriate resources.
    XWiki is also used to promote the H’Expo congress and salon. On a dedicated wiki you can find the event program, reports, a photo / video section, as well as a registration area for participants.

    Quick Links

    Let us know