As per the 2023 SaaS Security report by AppOmni, 79% of companies have reported a security incident related to SaaS in the last year. With the increased use of SaaS applications for storing sensitive data, the focus on securing these applications has intensified. Deploying Security Service Edge (SSE) solutions with Zero Trust Network Access (ZTNA) is a popular approach to securely link remote and hybrid workers to cloud-based applications.
The landscape of work environments, user preferences, and customer services is evolving, leading to widespread remote access to cloud applications beyond corporate networks or VPNs. This shift, along with changes in SaaS use, compliance demands, and interconnectivity between cloud applications, introduces new security challenges that need addressing by security teams.
This piece elaborates on how Cisco and AppOmni collaborate to extend zero trust principles to safeguard SaaS applications and data through a comprehensive zero trust framework.
Introduction to Zero Trust Posture Management
Today’s organizations use a multitude of SaaS applications managed by diverse departments, often without much oversight from security teams. Most SaaS breaches occur due to breaches in implicit trust models, such as a sales user granting unauthorized access to guest users or a test user creating new users and providing excessive privileges. These scenarios are common in how SaaS applications and user permissions are set up.
Zero-trust infrastructures are constructed on explicit trust that is continuously evaluated based on identity and contextual risks. Extending these zero-trust principles to SaaS applications requires designing, maintaining, and monitoring policies that ensure SaaS identities are never implicitly trusted but always verified, irrespective of the user’s location. This zero-trust model for SaaS necessitates real-time assessment of the application context, data access, users, behaviors, and events. This approach should work in conjunction with ZTNA controls to provide security teams with enhanced capabilities to prevent, detect, and respond to threats at the application level. Collectively, these capabilities are referred to as Zero Trust Posture Management (ZTPM) for SaaS applications.
Cisco Secure Access and AppOmni SaaS Security Platform
Cisco Secure Access offers a robust, cloud-centric SSE solution built on zero trust principles to ensure secure access from any user to any application. It simplifies IT operations through a centralized, cloud-managed console, unified client, centralized policy creation, and consolidated reporting. Various security functions are integrated into a single solution (ZTNA, secure web gateway, cloud access security broker, firewall as a service, DNS-layer security, remote browser isolation, and more) to mitigate risks by enforcing granular security policies guided by zero trust principles.
Complementing Cisco’s zero trust access model, AppOmni implements ZTPM principles to address a critical gap in conventional zero trust setups by securing the application layer comprehensively, regardless of the access location. It offers unparalleled visibility into configurations, security postures, SaaS identities (both human and machine), and user behaviors within SaaS applications. This ensures the deep integration of zero trust principles within applications managing critical business data.
Implementing Comprehensive Zero Trust Measures with Cisco and AppOmni
Synergies Between ZTPM and ZTNA
While Cisco Secure Access ensures seamless and managed access to internal and external applications based on user identity and device posture, AppOmni extends security measures to the application layer.
Cisco Secure Access provides:
- Secure access to all applications, including those with non-standard protocols or based on multi-channel and client-to-client architectures
- A unified management console across all security modules
- Comprehensive security capabilities, consistent rulesets, and low learning curve
- Scalable cloud-native architecture supporting extensive end-user counts with efficient single-pass processing for rapid responses
- Automatic traffic load distribution and rebalancing for enhanced performance
AppOmni ZTPM features encompass:
- Insights into data access configurations and least privilege assignments within SaaS applications
- Security coverage for all SaaS identities (human and machine), including external users, anonymous/guest users, and third-party or cloud-to-cloud applications
- Threat detection capabilities that are application and identity-aware to monitor user behaviors of internal and external users
- Continuous monitoring of application posture, configuration drift, and critical components of SaaS applications
- Identification and remediation of misconfigurations, such as side-loaded accounts or misconfigured Single Sign-On (SSO), that could circumvent ZTNA controls and safeguard users against password attacks and account compromises
Ongoing visibility into app configurations and activities creates a crucial feedback loop in a zero-trust framework. This strategy dynamically adjusts security measures or terminates access based on suspicious activities utilizing a user’s permissions, data access rights, and behaviors.
Furthermore, AppOmni bolsters the integrity of ZTNA functions by identifying potential application misconfigurations that might allow bypassing ZTNA controls. By embedding zero trust principles throughout their applications, customers can detect unmanaged accounts, insufficient IP restrictions, and other security loopholes. This proactive approach enhances user and access settings to fortify ZTNA defenses, protecting users and data against threats like phishing attacks.
Next Steps
Organizations looking to extend zero trust principles to their SaaS applications can reach out to AppOmni or Cisco to explore the joint solution and request a demo.
Contributors to this blog post
- Chandra Sekar, Chief Marketing Officer, AppOmni
- Vivek Kumar, Senior Director of Software Alliances, AppOmni
We value your feedback. Feel free to Ask a Question, Comment Below, and Connect with Cisco Security on social media!
Cisco Security on Social Media
Instagram
Facebook
Twitter
LinkedIn
About Author
