This post was originally published here by Shane Moore.
The first time I saw this graphic I was stunned, and so was the customer! What you are looking at is a view of all the Microsoft Office 365 logins for a large US-based organization after Bitglass was configured as a SAML (security assertion markup language) relay to their identity provider (IDP). All of this organization’s operations are based in the US, so there is no reason that anyone should log in from another country. This tells us that unauthorized users around the world somehow gained access to compromised usernames and passwords and proceeded to use them to log in.
This graph that we provide at Bitglass has always been one of my favorite features. If you have several SaaS applications, we show all activity for each one on this global map. We also allow you to drill down into these locations to see the specific user and SaaS activity. Without this functionality, you may not have consistent visibility into all of your SaaS applications, since each one reports activity in its own way. With a cloud access security broker (CASB), you can deny or allow access from specific countries with contextual access control and enable step-up multi-factor authentication (MFA) for users accessing data in suspicious ways. Additionally, CASBs can log all SaaS activity in one location and send that information to your SIEM (security information and event management) of choice. Features like these can put a stop to unauthorized access and help organizations keep their sensitive data secure.
Just as organizations used to deploy on-premises applications into data centers with firewalls, they must now equip themselves with the appropriate cloud security when using SaaS applications. Bitglass is a solution that provides cloud data protection for any application and any device. Whether an employee is using a corporate-issued laptop or a personal mobile phone, a leading CASB like Bitglass can enable an organization to enforce policies and secure access wherever data goes. So, whether a company allows bring your own device (BYOD) for its employees or secures only managed endpoints, a CASB like Bitglass is an all-in-one solution built for addressing cloud security in a comprehensive, real-time fashion.