This IDC PlanScape provides guidance to IT, information security, and cybersecurity leaders on navigating the complex landscape surrounding SaaS security. It details which risks arise when organizations adopt SaaS and then discusses actionable steps for mitigating SaaS security risks. Those steps include, in part, adopting security tools designed specifically for SaaS, but because the SaaS security tool ecosystem remains relatively new and not fully developed, additional types of tools may also be necessary. In addition, tools alone cannot protect against all SaaS security risks, which means that implementing effective governance and procurement policies related to SaaS applications is also crucial."Higher reliance on cloud-based applications represents a security risk that is not mitigated by traditional security tools and strategies," says Christopher Tozzi, adjunct research advisor for IDC's IT Executive Programs (IEP).
Please Note: Extended description available upon request.
IDC PlanScape Figure
Executive Summary
Why Is SaaS Security Important?
What Is SaaS Security?
Who Are the Key Stakeholders?
How Can My Organization Take Advantage of SaaS Security?
Limited SaaS Security Tool Availability
Multiple SaaS Security Tools May Not Cover All Apps
SaaS Security May Require Multiple Types of Solutions