New York, NY – August 24, 2021
DoControl today announced a new report, Quantifying the Immense Risk of Unmanaged SaaS Data Access, which provides data-driven insights into the growing number of insider and external threats due to vast amounts of unmanageable data in today’s enterprises. Based on customer data, the findings clearly illustrate there is a magnitude of SaaS data exposure, with 40% of all SaaS assets unmanaged, providing internal, external and public data access.
According to Gartner, global SaaS revenue will grow nearly 38% to more than $140 billion between 2019 and 2022. Although cloud-based applications dramatically increase the efficiency and productivity throughout an enterprise, there is a significant threat that is often underestimated by CIOs and CISOs - unchecked and unmanaged data access by the SaaS provider. And with the growing adoption of SaaS applications, this threat is growing exponentially, putting companies at greater risk for data leaks.
As a benchmark, the average 1,000 person company stores between 500K and 10M assets in SaaS applications. Companies enabling public sharing may face up to 200,000 of these assets being shared publicly. DoControl aggregated and analyzed myriad data from its customer base. Below are key findings categorized by external and insider threats:
“The past year forced many organizations to collaborate with many external parties and adjust their existing workforce to support remote collaboration,” stated Adam Gavish, CEO and Co-Founder of DoControl. “To date, security practitioners focused on enabling SaaS access in a secure manner, now is the time for them to prioritize the relevancy of this data access internally and externally. Unmanageable data access poses a significant risk to any organization and increases the likelihood for a data breach. While SaaS apps are designed to promote collaboration, in this ever growing attack surface security teams must pay attention to ongoing data access at scale. DoControl is committed to helping organizations ensure no unauthorized person has access to company data without slowing down business enablement nor changing the end user’s day to day work.”
Founded in 2020 and headquartered in New York, DoControl is an automated data access controls platform for SaaS applications, improving security and operational efficiency with ease for enterprises. DoControl is backed by investors RTP Global, StageOne Ventures, Cardumen Capital and global cybersecurity leader CrowdStrike's early stage investment fund, the CrowdStrike Falcon Fund. The company's leadership team combines product, engineering and sales experience across cybersecurity, enterprise and SaaS innovators. For more information, please visit https://www.docontrol.io. Follow us on Twitter and LinkedIn.
Research-based benchmarks to assess risk across critical threat model