Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

2021 SaaS Risk Report Reveals 44% of Cloud Privileges are Misconfigured

Cloud apps make collaboration a breeze, but unless you’re keeping a close watch on identities, behavior, and privileges across each and every SaaS and IaaS you rely on, you’re a sitting duck.
Rob Sobers
1 min read
Published July 29, 2021
Last updated January 17, 2023

Cloud apps make collaboration a breeze, but unless you’re keeping a close watch on identities, behavior, and privileges across each and every SaaS and IaaS you rely on, you’re a sitting duck.

The cloud blurs the lines between personal and corporate accounts and non-admin users can break least privilege with the click of a “share” button. Securely offboarding contractors and employees from dozens of  SaaS apps is error prone and often results in shadow identities that attackers prey on.

If you’re not watching closely, users can silently copy, delete or expose your mission-critical data to just about anyone. And that data can be anything from your Salesforce customer list, your source code in GitHub, and your documents in Box and Google Drive.

To paint a picture of data risk across fragmented SaaS and IaaS environments, we created the 2021 SaaS Risk Report. We gathered and analyzed data from over 200,000 cloud identities and hundreds of millions of cloud assets for the report.

Our goal: to uncover key risks organizations face when trying to control unsupervised identities and shadow privileges that can put data at risk.

Here are just a few key findings:

  • Nearly 44% of cloud privileges are misconfigured.
  • 3 out of 4 cloud identities for external contractors remain active after they leave.
  • 3 out of 5 users are shadow admins.
  • 15% of employees transfer business-critical data to their personal cloud accounts.

👉Read the full report: 2021 SaaS Risk Report

🤔How did we get all this insight? It’s all thanks to DatAdvantage Cloud, our new cloud-hosted solution that protects your mission-critical SaaS applications and cloud data stores: AWS, Box, GitHub, Google Drive, Jira, Okta, Salesforce, Slack, and Zoom.

 👋Want to see how your SaaS and IaaS instances are putting you at risk? DatAdvantage Cloud visualizes and prioritizes your biggest risks so you can proactively reduce your blast radius. Request your tour today at https://info.varonis.com/cloud-demo

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

last-week-in-ransomware:-week-of-june-28th
Last Week in Ransomware: Week of June 28th
Ransomware in the News If you’re a small or medium business using locally hosted cloud storage drives by a popular brand you need to disconnect them from the internet immediately....
your-sales-data-is-mission-critical:-are-you-protecting-it?
Your Sales Data Is Mission-Critical: Are You Protecting It?
If you’re like many executives, you might assume your data is secure within those cloud applications. That’s a dangerous assumption, though. Cloud providers are responsible for everything that delivers their application (e.g., their data center); it’s your responsibility to protect the data inside it.
cloud-applications-put-your-data-at-risk---here's-how-to-regain-control
Cloud Applications Put Your Data At Risk - Here's How To Regain Control
Cloud applications boost productivity and ease collaboration. But when it comes to keeping your organization safe from cyberattacks, they're also a big, growing risk. Your data is in more places...
cloudbleed---cloudflare-unauthorized-data-leak
Cloudbleed - Cloudflare Unauthorized Data Leak
Cloudflare is a huge internet infrastructure company (5.5 million websites), which means that you likely use them every day that you’re online, without ever realizing it. Depending on what metric...