Any horror movie fan can tell you the scariest threats are the ones you don't see coming, and the same is true when it comes to threats to cloud data. IT has decades of experience protecting on-premise resources. Virtually no one has even one decade of experience running major SaaS applications, so we should be prepared for some surprises.
The risk vectors described here are perhaps the three most dangerous threats to your SaaS data, precisely because so many IT pros aren't prepared for them:
* Zombie accounts. Zombie accounts are those accounts that are no longer in use, but haven't been suspended, deprovisioned or deleted. When a sales rep leaves, the admin locks the user out of the account but never follows up to actually delete the account. The danger with zombie accounts is that, if they are compromised, no one is watching them. A subverted zombie user could steal, corrupt or delete data well before anyone is the wiser.
Many SaaS admins assume they aren't sitting on any zombie accounts because SaaS apps usually charge on a per-user basis, so anytime the admin receives a bill, the zombie users would stick out and demand to be deleted -- if only to recover the license fee.
Not so. Some SaaS apps only bill on an annual basis, rather than monthly or quarterly. SaaS providers offer this billing option to support large organizations because big companies usually budget on an annual basis. As such, you have the deadly combination of a company with a large number of users within which a zombie account can hide, and a billing cycle that could keep a zombie account unnoticed for as long as 11 months at a time. That's scary.
Zombie account defense: Eliminate them before they turn. Delete inactive accounts as soon as they have outlived their usefulness.
* Rogue users. User error is always one of the top two causes of data loss for any application, cloud-based or otherwise. This is because software has no way of distinguishing between legitimate and illegitimate commands. One slip of the mouse and a Copy command becomes a Delete command. Simple user mistakes cause between one-third and two-thirds of all data losses. That's scary enough, but those numbers only describe the damage inflicted by accident.
Now imagine what a rogue user -- one who is intentionally trying to cause damage -- could do to your cloud data. Authorized users are, by definition, allowed inside your SaaS application's defensive perimeter. Disgruntled employees can be your worst nightmare, as these users can do every bit as much damage as a compromised zombie account but with the added threat of knowing exactly where to look for valuable data.
Rogue user defense: Trust no one (more than you have to). Most SaaS applications offer some degree of tiered access privileges. Never grant anyone more access than they need.
* The black swan. A black swan is shorthand for an event that is so unprecedented as to be almost impossible to predict. Tech writer Mat Honan made headlines earlier this year when a weird combination of Amazon and Apple security procedures allowed hackers to wipe out virtually all of his online accounts, as well as purge the local data from his laptop. What made this epic hack so remarkable was that Apple and Amazon's security procedures both protected their own systems, but it was the combination of data that both providers disclosed that allowed hackers to assume control of all of Honan's linked cloud accounts. Almost no one could have seen that coming. While Honan's loss doesn't fit the classic definition of a black swan event, it matches the general profile of an all but unforeseeable security failure.
Given the complexity of SaaS applications and the relative immaturity of cloud application security standards, it's highly likely that another such black swan event will occur -- one that may well compromise your own SaaS application data. That's the very image of a security threat you can't see coming, and nothing could be scarier than that.
Black swan defense: Call for backup. An independent backup copy of your SaaS data, kept separate from your production cloud accounts, can allow you to recover from a cloud failure that no built-in security or disaster recovery feature can handle.
Bottom line, SaaS is new ground for lots of IT professionals and, while cloud-based applications carry some demonstrable security and data integrity advantages (notably in hardware redundancy), the cloud is still new territory for most of us. It requires new procedures and new best practices. With a little preparation and forethought, the cloud can be more versatile and adaptable than on-premise systems, but you have to adapt your security protocols to ensure your cloud benefits aren't undone by hidden security costs.