As SaaS-to-SaaS app installations are on the rise, organizations are presented with a unique challenge: how to control the proliferation of applications and the resulting risk to their data. In order to better understand the scope of the problem, Adaptive Shield has released a report on the risks and realities of third-party connected apps. Here are the top 5 key findings from the report:
Finding #1: Connected Apps Run Deep
The report found that companies using M365 average 0.2 applications per user, while those using Google Workspace average 0.6 applications per user. Companies of 10,000 SaaS users size using Google Workspace have more than three-times the amount, averaging 6,710 connected applications.
Finding #2: The More Employees, the More Apps
The report found that the number of applications continues to grow with the number of users. Companies using Google Workspace with 10,000-20,000 employees average nearly 14,000 unique connected applications.
Finding #3: SaaS-to-SaaS App Risk is High
Among high-risk scopes, 15% of M365 applications request the authority to delete all files that the user can access. It gets even scarier in Google Workspace applications, where 40% of high-risk scopes receive the ability to delete all Google Drive files.
Finding #4: Connected Apps Also Have Tremendous Breadth
The report reveals that Salesforce averages 41 integrated apps per instance. Assuming Salesforce is typical of similar applications, those 350 apps integrating with 40 apps each adds an additional 14,000 third-party applications into the equation.
Finding #5: M365 and Google Workspace Have Similar Number of High-Risk Apps
The report found that apps request high-risk permissions from M365 39% of the time; Google Workspace apps only request high-risk permissions 11% of the time. In terms of real numbers, an average installation in a company with 10,000 SaaS users using M365 will have 813 high-risk apps, while Google Workspace will have 738 apps that are considered high-risk.
In conclusion, the Adaptive Shield report offers some key insights into the growing risk of SaaS-to-SaaS app connections. Organizations need to be aware of the number of connected apps, the associated scopes, and the breadth of applications for each SaaS platform. Security teams need to have visibility into the thousands of apps being connected to the SaaS stack and make a cost-benefit analysis for each high-risk connected app. SaaS security solutions, like Adaptive Shield, provide the visibility needed to control the level of risk and prevent data from falling into the wrong hands.
Key Points:
• SaaS-to-SaaS app installations are growing nonstop at organizations around the world.
• Companies using M365 average 0.2 applications per user, while those using Google Workspace average 0.6 applications per user.
• For high-risk scopes, 15% of M365 applications request the authority to delete all files that the user can access, while 40% of Google Workspace applications have this scope.
• Salesforce averages 41 integrated apps per instance, which adds an additional 14,000 third-party applications into the equation.
• Apps request high-risk permissions from M365 39% of the time; Google Workspace apps only request high-risk permissions 11% of the time.
• Security teams need visibility into the thousands of apps being connected to the SaaS stack and make a cost-benefit analysis for each high-risk connected app.