Skip to content

Access Control Gaps Continue to Leave a Trail of Data Breaches

Published: at 10:25 AM

Having worked closely with SaaS Security Posture Management (SSPM) solutions over the last two years, I’ve witnessed firsthand the value they provide in securing cloud environments. Being that it’s the end of the year, I was highly interested to read the 2024 SaaS Security Forecast. While reading the article, I was reminded of a post by Brian Krebs earlier this year that discussed Salesforce data breaches through misconfigurations.

Krebs revealed that several Salesforce Community websites allowed unauthenticated guest access to sensitive customer data, including bank account information, Social Security numbers, and more. The root cause? Access control errors granting overbroad data permissions.

Having worked with SSPM, I immediately recognized these kinds of access and identity management missteps. This issue is not exclusive to Salesforce. As mentioned in the 2024 SaaS Security Forecast from AppOmni, “the misconfigurations identified by Krebs are common and are not unique Salesforce instances, but rather they represent a ubiquitous security risk across the SaaS estate. One of the main ways SaaS instances are compromised is due to misconfigured identity and access permissions. In these scenarios, guest accounts are over-permissioned or multi-factor authentication (MFA) is not enforced”.

Unfortunately, organizations confirm these problems persist at scale. Thales’ latest Cloud Security Study found over a third of companies suffered a cloud data breach last year, with human error causing over half.

These breaches highlight how quickly access mistakes can spiral into full-scale data exposure incidents. Traditional security tools are ill-equipped to prevent these “human error” risks as they lack continuous environmental oversight. This is where SaaS Security Posture Management solutions shine…

SSPM takes a radically different approach from periodic scans or manual audits. It continuously inspects configurations, permission settings and more across an organization’s entire SaaS ecosystem. This allows for catching risks like over-permissive guest accounts or toxic access control combinations before they become data leaks.

Unlike traditional tools, SSPM solutions act as an automated safety net against errors in intricate cloud platforms that often baffle IT teams. By assessing environments in real-time, risks surfaced and fixed faster before turning into regulatory nightmares.

The Salesforce breaches provide a sobering reminder as cloud adoption grows exponentially. To lock down data, we need to lock down settings with robust SaaS-centric controls. As human errors keep triggering data incidents, SSPM is no longer a “nice to have” but a must-have for securing our cloud future.