Article Details

When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules . While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution that solves for auto-email forwarding as well. While Wing's shadow IT solution is offered as a free tool that can be onboarded and used as a self-service, users willing to upgrade will be able to enjoy the company's new Gmail and Outlook integrations, which broaden the company's discovery capabilities and extend their data security features. The risks of email auto-forwarding rules Auto-forwarding emails is a great way to save time on repetitive tasks and are therefore very popular among employees who regularly collaborate and share information with external business partners. Risk examples include: What is the connection between SaaS Security and email Security? For several reasons, it is essential for organizations to uncover SaaS Shadow IT applications. Shadow IT refers to the unauthorized use of IT systems within an organization, often for the sake of convenience or efficiency, without the explicit approval of the IT department. There are some SaaS applications that may pose significant risks to the organization's security, compliance, and overall efficiency: Wing's SaaS discovery entails the systematic identification, categorization, and analysis of an organization's SaaS usage to mitigate shadow IT risks. The company offers three distinct and non-intrusive discovery methods: Connecting to organizations' major SaaS applications (e.g., Google Drive, Salesforce, Slack, and others) to identify connected applications, scanning endpoints for SaaS signature hits and cross-checking them with Wing's extensive SaaS database of over 280,000 SaaS records. Their third and newly introduced capability involves connecting to business emails and conducting scans to detect clear indications of SaaS usage. Wing emphasizes that knowing is just the first step in solving and therefore offers customers the means to remediate and eliminate risky shares directly within their platform.