Nadradený pojem:
Risks related to third-party cloud applications
Description
When enterprises shift to the cloud, their security perimeter extends
into the virtual realm. However, that security perimeter quickly
dissipates with each connected third-party cloud application that
employees introduce into the environment.
Workers want to improve their productivity and stay connected while on the job. But these shadow IT applications create a risk for enterprises. They touch the corporate infrastructure and can communicate freely with the corporate cloud and software-as-a-service (SaaS) platforms as soon as users grant access through open authentication (OAuth). These apps can have extensive—and, at times, excessive—access scopes. They must be managed carefully because they can view, delete, externalize, and store corporate data, and even act on behalf of users.
Workers want to improve their productivity and stay connected while on the job. But these shadow IT applications create a risk for enterprises. They touch the corporate infrastructure and can communicate freely with the corporate cloud and software-as-a-service (SaaS) platforms as soon as users grant access through open authentication (OAuth). These apps can have extensive—and, at times, excessive—access scopes. They must be managed carefully because they can view, delete, externalize, and store corporate data, and even act on behalf of users.
Importance
High