Almost 70 percent of all ServiceNow instances that the SaaS security provider AppOmni has examined under the microscope had data leaks. However, the reason is misconfigurations and not defects in the SaaS platform. […]
Data leaks can occur due to incorrect configuration of the SaaS platform (Software as a Service) from ServiceNow. And this apparently happens quite often, as AppOmni reports. The SaaS security provider found that almost 70 percent of the ServiceNow instances it examined leaked.
The reason for the holey instances are usually misconfigurations in the settings on the user side, according to AppOmni. This is also due to the high complexity of such SaaS platforms and can therefore also be observed with other service providers, AppOmni continues.
“Securing SaaS instances is much more complicated than just checking a handful of settings or enabling strong authentication for users,” Brendan O’Connor, CEO and co-founder of AppOmni, comments on the results. “SaaS platforms have become operating systems for companies because they are so flexible and powerful,” he continues. There are therefore many good reasons why workloads and applications running on a SaaS platform communicate externally and thus open floodgates. “AppOmni’s experience shows that such data losses occur much more frequently than customers are aware of,” reports O’Connor.