Manage Shadow IT, Ensure Safe Adoption of SaaS Applications


Small- and mid-sized organizations are increasingly moving their business applications and IT infrastructure to the cloud. According to IDC, adoption rose from 20 to 70 percent for small companies (up to 100 employees), and 90 percentage for midsize organizations (up to 999 employees).

It’s no secret that businesses adopt cloud and SaaS applications to enhance agility and productivity to stay ahead of competition. But the same can be said for individuals within the business, who can deploy and on-board SaaS applications (e.g., Jira, Dropbox, Slack) with just a few clicks. Business unit heads or even project managers just submit their credit card information and voila, the team has access to an instance of a new collaboration tool.

This is great for productivity. But what about security?

Typically, when individual teams set up an instance of a SaaS application, it is outside the control or knowledge of the IT department. IT administrators do not have the visibility into which users are using these applications and what data is being consumed. In addition, employees use free accounts on public cloud services, such as Dropbox and Gmail, to collaborate. This is shadow IT.

According to Gartner, by 2020 one-third of security breaches will be because of shadow IT. In this new world, CSOs and IT struggle with the following problems:

  • Losing control over sensitive corporate data traversing through public or hybrid clouds and data centers, giving rise to risks such as unauthorized access, malware propagation, data leakage and non-compliance
  • Balancing security budgets, shadow IT practices and employee productivity.

IT administrators need a tool that provides visibility with the context of risk to understand the overall risk posture of the organization and a tool to assess all the shadow IT applications being used on the network.

For SMBs and mid-tier enterprises, this means a cost-effective offering that delivers functionality like a Cloud Access Security Broker (CASB) solution, which provides discovery, visibility and control over the usage of all the cloud applications and corporate data being accessed.

Introducing SonicWall Cloud App Security

SonicWall Cloud App Security is a cloud-based security service that enables organizations to secure SaaS application usage and reduce risk of shadow IT.

Delivered through SonicWall Capture Security Center (CSC), Cloud App Security is available as part of the SonicWall Capture Security Center Analytics subscription bundle. The solution seamlessly integrates with your existing SonicWall infrastructure and leverages next-generation firewall (NGFW) logs to provide CASB-like functionality by delivering discovery, visibility and control of cloud application usage.

Cloud App Security analyzes log files from SonicWall NGFWs against an in-house registry of 9000-plus SaaS applications, and reveals:

  • Applications in use and by which users
  • Data volumes uploaded to and downloaded from the cloud
  • Risk and category of each cloud service.

In effect, SonicWall Cloud App Security makes your existing infrastructure cloud-aware.

Automated cloud application discovery with SonicWall next-generation firewalls

Real-Time Dashboard

The SonicWall Cloud App Security real-time dashboard enables administrators to quickly assess the overall risk posture.

The dashboard displays risk assessment for real-time and trending views of:

  • Number and type of cloud applications being used
  • Number of users accessing cloud applications
  • Amount of data being used by cloud applications

Administrators can also monitor the top users and application by usage, and location from which the application is being used.

Discovery & Control

In the Discovery view, IT administrators can classify applications based on the risk score and other organizational factors as Sanctioned or Unsanctioned IT applications for use. Through the SonicWall Capture Security Center, the solution empowers administrators to set block/unblock policies and control Sanctioned and Unsanctioned IT applications on the network.

With employees increasingly using cloud applications for work, Cloud App Security enables administrators to detect gaps in security posture, classify cloud applications into sanctioned and un-sanctioned IT applications, and enforce access policies to block risky applications. The solution ensures safe adoption of cloud applications without impacting employee productivity at a low total cost of ownership.

SonicWall Cloud App Security is available with the SonicWall Capture Security Center Analytics bundle.

This post is also available in: French German Spanish Italian

SonicWall Staff