Minimizing the SaaS Security Risk

In many enterprises, the use of software-as-a-service (SaaS) applications is spinning out of control, yet most companies don't know what to do about it, given the fact that the consumerization of IT appears to be an unstoppable trend.

As part of an effort to address that issue, Fidelis Security Systems has unfurled a cloud-security offering that combines the company’s SSL Inspector and networking monitoring technology to identify SaaS traffic moving in and out of the enterprise.

According to Hardik Modi, senior product manager for Fidelis, the Fidelis XPS is capable of stopping advanced threats using content inspection techniques in real time to prevent data breaches while not affecting application performance. At the same time, the Fidelis SSL Inspector allows organizations to identify threats hidden within SSL-encrypted communications. Fidelis is packaging the two technologies together in an on-premise appliance as part of an effort to help IT organizations secure a Web applications layer that is largely undefended in most organizations.

Whether users are utilizing corporate-sanctioned services such as Salesforce.com or unsanctioned services such as DropBox.com, the consumerization of IT is moving past the ability of many IT organizations to keep pace with the level of threat associated with these applications.

End users have been trying to use SaaS applications to do an end-run around IT for a variety of reasons for multiple years now. As security technologies evolve, however, IT organizations finally are able to begin leveling the security playing field.