GIVE YOUR OPINION ON THE POST BELOW, ALSO ASK THREE QUESTIONS PRETAINING TO THE POST.
As the cloud has become the norm for many businesses and users at this point, I selected Software-as-a-Service (SaaS). SaaS is the concept of enabling users with the ability to connect and use cloud resources over the internet (Chkadmin, 2022). The most recent example that applies to many of us here at Strayer University would be Microsoft 365. Specifically, we can log in to Strayer University and utilize many of the Microsoft applications or “software” provided through this cloud service. This is a perfect example of SaaS and poses many benefits but offers many challenges as well.
One of the main issues with the SaaS option of Microsoft 365 is that the user’s credentials are the target. If a user’s credentials are compromised, malicious actors are provided direct access to not only the user’s data but also the data within the organization that the user’s a member of. This exposes potentially sensitive data and places other assets and users at risk.
Within my organization, we have additional security configurations in place for this specific reason. One example is multifactor authentication through something you have and something you know. Along with two-person authentication, when I enable or request access to certain information, another user with the same permission or more must authenticate my request. Through this configuration, justifications are required for auditing purposes as well to harden resources and limit unauthorized access.
References:
Chkadmin. (2022). Top 3 office 365 security concerns. Retrieved from https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-office-365-security/top-3-office-365-security-concerns/