How to Handle Retail SaaS Security on Cyber Monday
If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information.
SaaS applications supporting retail efforts will host nearly all of this behind-the-scenes activity. While retailers are rightfully focused on sales during this time of year, they need to ensure that the SaaS apps supporting their business operations are secure. No one wants a repeat of one of the biggest retail cyber-snafus in history, like when one U.S.-based national retailer had 40 million credit card records stolen.
The attack surface is vast and retailers must remain vigilant in protecting their entire SaaS app stack. For example, many often use multiple instances of the same application. They may use a different Salesforce tenant for every region they operate in or have different tenants for each line of business. Each one of these tenants must set up their configurations independently, with each one limiting risk and meeting corporate standards.
Here are a few areas retailers should focus on to ensure their SaaS Security over the entire holiday season.
Control Privileges & Access in Your App Stack
Access Control settings are particularly important to retailers. They limit who can enter an application and the privileges those users will have once inside the app. Limit access and visibility to sensitive data to those who require it to perform their job functions. Creating role-based access and monitoring employees to ensure they have an appropriate level of access based on their role is a key step in reducing the risk level.
One additional area worth reviewing is access granted to former employees. Former employees should almost always be deprovisioned as part of the offboarding process. When applications are connected to an SSO and access is only through that SSO, the offboarding is automatic. Unfortunately, many retailers have apps that either sit outside the SSO or allow employees to log in locally. In those circumstances, employees must have their access removed manually from each application.
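The manual step described above, reconciling an HR offboarding list against the user exports of apps that sit outside SSO or allow local login, is shown here as an added example. It is not code from the article or from Adaptive Shield; the user records, the `login_type` field and the email addresses are all constructed sample data.

```python
"""Reconcile HR offboarding data against per-application user exports.

Added example, not code from the article or from Adaptive Shield. Apps
reachable only through SSO are deprovisioned by the identity provider;
apps outside SSO, or allowing local login, need a manual check like this.
All inputs below are constructed sample data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AppUser:
    app: str          # application / tenant name
    email: str        # account identifier as exported by the app
    login_type: str   # "sso" or "local"
    active: bool      # whether the app still treats the account as active


def normalize(email: str) -> str:
    """Lower-case and trim so HR and app exports compare reliably."""
    return email.strip().lower()


# Constructed sample: employees HR has marked as offboarded.
OFFBOARDED = {"Alice@Example.com", "bob@example.com"}

# Constructed sample: user exports from three applications.
APP_USERS = [
    AppUser("salesforce-emea", "alice@example.com", "sso", True),
    AppUser("salesforce-emea", "carol@example.com", "sso", True),
    AppUser("inventory-tool", "alice@example.com", "local", True),
    AppUser("inventory-tool", "bob@example.com ", "local", True),
    AppUser("marketing-email", "bob@example.com", "local", False),
    AppUser("marketing-email", "dave@example.com", "local", True),
]


def find_orphaned_accounts(offboarded, app_users):
    """Return (app, email, action) for every still-active account of an
    offboarded employee. Local-login accounts need manual removal; an
    active SSO-linked record should be confirmed as disabled in the IdP."""
    gone = {normalize(e) for e in offboarded}
    findings = []
    for user in app_users:
        email = normalize(user.email)
        if not user.active or email not in gone:
            continue
        if user.login_type == "local":
            action = "remove manually"
        else:
            action = "verify IdP deprovisioning"
        findings.append((user.app, email, action))
    return sorted(findings)


def apps_allowing_local_login(app_users):
    """Apps where at least one account can bypass SSO; these are the ones
    that belong on the manual offboarding checklist."""
    return sorted({u.app for u in app_users if u.login_type == "local"})


if __name__ == "__main__":
    for app, email, action in find_orphaned_accounts(OFFBOARDED, APP_USERS):
        print(f"{app}: {email} -> {action}")
    print("apps needing manual offboarding:", apps_allowing_local_login(APP_USERS))
```

Running this on the sample data flags both local accounts in the inventory tool for manual removal, ignores the already-inactive marketing account, and lists the SSO-linked Salesforce record only as something to confirm against the identity provider.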
Prevent Data Leaks
Pricing information is one of the most sensitive pieces of information retailers have. While web crawlers may have access to published prices, it’s of paramount importance to protect future pricing strategies and plans. During the holiday season, when competitors are looking for every pricing and promotion advantage, securing this information behind serious data leakage protection is a top priority.
When available, turn on encryption settings to prevent unauthorized users from viewing your critical data. Turn off the ability to share or email files outside the organization and require some form of user authentication before users can access boards, spreadsheets, and databases.
Protecting customer information from leaks should be another high priority for retailers. Nothing will drive customers away from your website faster than reports of personal information, such as PII (Personally Identifiable Information) and payment information, being leaked. Harden security settings to prevent unauthorized data leaks from the application.
Defend Against Insider Threats
Unfortunately, we live in an era of insider threats. In Adaptive Shield’s annual survey, 43% of respondents said they had experienced corporate espionage or an insider attack within their SaaS stack. Preventing these types of attacks is notoriously difficult, as authorized users log in with verified credentials and their nefarious activities are all within the parameters of their access.
For retailers, monitoring user activity is one way to detect threats before they turn into full-blown breaches. Using an Identity Threat Detection & Response (ITDR) tool that monitors and analyzes user behavior, retailers can detect a user’s behavioral anomalies. By analyzing those anomalies, which might include accessing data at unusual times or downloading an unusual amount of data, retailers can uncover insider threats and protect themselves.
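The two anomaly signals named above, access at unusual times and unusually large downloads, can be checked against each user's own history. The following is an added example, not code from the article or from any ITDR product: the activity log lines are constructed, the `timestamp,user,action,bytes` format is an assumption, and timestamps are assumed to be in the user's local time zone so that "business hours" means something.

```python
"""Flag behavioral anomalies in SaaS activity logs: access at unusual hours
and download volumes far above a user's own baseline.

Added example, not code from the article or any ITDR product. Log lines
are constructed; the "timestamp,user,action,bytes" format and the
assumption that timestamps are in the user's local time zone are mine.
"""
from collections import defaultdict
from datetime import date, datetime
from statistics import median

# Constructed sample activity log (ISO timestamp, user, action, bytes).
LOG_LINES = [
    "2023-11-20T09:15:00,erin@example.com,download,1200000",
    "2023-11-20T14:02:00,erin@example.com,download,900000",
    "2023-11-21T10:30:00,erin@example.com,download,1500000",
    "2023-11-22T11:05:00,erin@example.com,download,1100000",
    "2023-11-27T02:45:00,erin@example.com,download,48000000",
    "2023-11-20T09:00:00,frank@example.com,view,0",
    "2023-11-21T09:10:00,frank@example.com,download,400000",
    "2023-11-27T10:00:00,frank@example.com,download,500000",
]

BUSINESS_HOURS = range(8, 19)      # 08:00-18:59 counts as a normal working hour
VOLUME_FACTOR = 10                 # download flagged at 10x the user's median
ABSOLUTE_MAX_BYTES = 500_000_000   # flagged regardless of baseline (assumed value)


def parse_line(line):
    """Split one constructed log line into a typed event dict."""
    ts, user, action, nbytes = line.split(",")
    return {"ts": datetime.fromisoformat(ts), "user": user,
            "action": action, "bytes": int(nbytes)}


def build_baseline(events, before):
    """Median download size per user, from events dated before `before`."""
    sizes = defaultdict(list)
    for e in events:
        if e["ts"].date() < before and e["action"] == "download":
            sizes[e["user"]].append(e["bytes"])
    return {user: median(v) for user, v in sizes.items()}


def detect_anomalies(lines, eval_date):
    """Return sorted (user, timestamp, reason) for events on eval_date that
    happen outside business hours or move far more data than that user
    usually does. Users with no download history get only the hour check
    and the absolute size cap."""
    if isinstance(eval_date, str):
        eval_date = date.fromisoformat(eval_date)
    events = [parse_line(line) for line in lines]
    baseline = build_baseline(events, eval_date)
    findings = []
    for e in events:
        if e["ts"].date() != eval_date:
            continue
        stamp = e["ts"].isoformat()
        if e["ts"].hour not in BUSINESS_HOURS:
            findings.append((e["user"], stamp, "off_hours_access"))
        if e["action"] == "download":
            typical = baseline.get(e["user"])
            too_big = e["bytes"] > ABSOLUTE_MAX_BYTES or (
                typical is not None and e["bytes"] > VOLUME_FACTOR * typical)
            if too_big:
                findings.append((e["user"], stamp, "download_volume"))
    return sorted(findings)


if __name__ == "__main__":
    for user, stamp, reason in detect_anomalies(LOG_LINES, "2023-11-27"):
        print(f"{stamp} {user}: {reason}")
```

On the sample log, the 02:45 download of 48 MB by a user whose median download is about 1.15 MB is reported twice, once for the hour and once for the volume, while the other user's ordinary daytime download on the same day is not. Using each user's own median rather than a single global threshold keeps a heavy but routine downloader from generating noise.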
Automate SaaS Security to Secure Applications
Some retailers may monitor these settings and behaviors manually or with older technologies like CASBs. Neither of those approaches is likely to be effective. SaaS settings can change without notice, and it’s far too easy to miss the signs of insider threats.
SaaS Security Posture Management (SSPM) tools, like Adaptive Shield, are the only effective way for retailers to secure their whole SaaS stack. They automatically and continually monitor settings, even over the busy holiday season, to detect and identify misconfigurations, unauthorized access, and users that need to be fully deprovisioned.
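The kind of check such continuous monitoring performs, comparing every tenant's settings against one corporate baseline (the sharing, encryption and authentication settings discussed under "Prevent Data Leaks") and surfacing settings that changed between scans, is shown below as an added example. It is not code from the article or from any SSPM product; the setting names, the baseline values and the per-region tenant snapshots are constructed.

```python
"""Check every tenant of a SaaS application against one corporate settings
baseline, and report settings that drifted between two scans.

Added example, not code from the article or from any SSPM product. The
setting names, baseline values and tenant snapshots are constructed.
"""

# Corporate baseline: setting -> (rule, expected, why).
# "eq": value must equal expected; "max": value must be <= expected.
BASELINE = {
    "external_sharing_enabled": ("eq", False, "no file sharing or email outside the org"),
    "encryption_enabled":       ("eq", True,  "encrypt data when the app supports it"),
    "auth_required_for_boards": ("eq", True,  "boards, sheets and databases need authentication"),
    "local_login_allowed":      ("eq", False, "all logins must go through SSO"),
    "session_timeout_minutes":  ("max", 60,   "idle sessions must expire within an hour"),
}

# Constructed snapshots: one tenant per region, as a scan might read them.
TENANTS = {
    "salesforce-us": {
        "external_sharing_enabled": False, "encryption_enabled": True,
        "auth_required_for_boards": True, "local_login_allowed": False,
        "session_timeout_minutes": 30,
    },
    "salesforce-emea": {
        "external_sharing_enabled": True, "encryption_enabled": True,
        "auth_required_for_boards": True, "local_login_allowed": True,
        "session_timeout_minutes": 480,
    },
    "salesforce-apac": {   # encryption setting missing from the export
        "external_sharing_enabled": False,
        "auth_required_for_boards": True, "local_login_allowed": False,
        "session_timeout_minutes": 60,
    },
}


def check_tenant(settings, baseline=BASELINE):
    """Return (setting, observed, expected) for each baseline violation.
    A setting absent from the export is reported rather than assumed safe."""
    findings = []
    for name, (rule, expected, _why) in baseline.items():
        if name not in settings:
            findings.append((name, "MISSING", expected))
            continue
        observed = settings[name]
        ok = observed == expected if rule == "eq" else observed <= expected
        if not ok:
            findings.append((name, observed, expected))
    return findings


def check_all_tenants(tenants, baseline=BASELINE):
    """Map tenant name -> violations, including an empty list for clean tenants."""
    return {name: check_tenant(cfg, baseline) for name, cfg in tenants.items()}


def detect_drift(previous, current):
    """Settings that changed between two scans of the same tenant, so a
    change made without notice surfaces even when it stays within baseline."""
    keys = set(previous) | set(current)
    return sorted((k, previous.get(k), current.get(k))
                  for k in keys if previous.get(k) != current.get(k))


if __name__ == "__main__":
    for tenant, findings in check_all_tenants(TENANTS).items():
        status = "OK" if not findings else f"{len(findings)} finding(s)"
        print(f"{tenant}: {status}")
        for name, observed, expected in findings:
            print(f"  {name}: observed={observed!r} expected={expected!r}")
```

Run against the sample snapshots, the US tenant is clean, the EMEA tenant has external sharing and local login enabled plus an eight-hour session timeout, and the APAC tenant is flagged because its export does not contain the encryption setting at all. Treating a missing setting as a finding matters: a tenant that silently lacks a control is the one most likely to be forgotten when each tenant is configured independently.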
Using an SSPM, retailers can move ahead confidently, knowing that every tenant of their applications in every country in which they operate is secure. They can update strategies, retain customer data, and monitor users to prevent insider attacks.
Resource : https://thehackernews.com/2023/11/how-to-handle-retail-saas-security-on.html