Page 174 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
employees are added or removed, new applications are onboarded, and permissions and configurations
are updated.
Taking these factors into account, it’s unrealistic to expect security teams to continuously ensure all
configurations are enforced company-wide and ensure they meet compliance standards without an
automated tool.
This is why SSPM is so vital. With an SSPM solution, organizations can map out all the user permissions,
encryption, certificates, and security configurations available for each SaaS application. This provides
visibility into user privileges and sensitive permissions and allows teams to correct any misconfiguration
in these areas, taking into consideration each SaaS application’s unique features and usability. As a
result, whether a company has twenty-five SaaS apps or 500, they can more easily comply with their
company standards, industry standards such as NIST, and compliance mandates such as SOC 2.
If you are planning to introduce SSPM or are already using one, I recommend making sure the solution
can compare your SaaS security misconfiguration checks with the major industry standards — and that
you have the ability to build your own custom company policy.
About the Author
Maor Bin is the CEO and Co-Founder of Adaptive Shield. A former
Cybersecurity Intelligence Officer in the Israel Defense Forces
(IDF), Bin has over 16 years in cybersecurity leadership. In his
career, he led SaaS Threat Detection Research at Proofpoint and
won the operational excellence award during his IDF service. Maor
can be reached online at https://www.linkedin.com/in/maorbin/ and
at our company website https://www.adaptive-shield.com/.