Perspectives

Avoid these 5 IT offboarding pitfalls for a smooth transition

In the age of SaaS, the old IT offboarding playbook of “disable AD account, forward email, recover and wipe device, and call it a day” is no longer enough.

Your IT offboarding checklist for a SaaS-first world

Eight steps to ensure complete employee offboarding for SaaS and cloud accounts, including the OAuth grants, resources, and passwords you’re most likely forgetting.

Common misconceptions around single sign-on (SSO)

While SSO helps to streamline employee onboarding and offboarding efforts, it’s only one piece of the SaaS identity and access puzzle.

Masterminds & qubits: the future unfolds at RSA 2023

This year's RSA conference focused on new strategies, technologies, and collaborations to strengthen cybersecurity and protect orgs and individuals alike.

The security risks of using groups for shared access to cloud and SaaS accounts

Why groups aren't the best option for shared SaaS access, and how Nudge Security helps you monitor your organization's groups and their privacy settings.

How SaaS sprawl extends vulnerability management

The new management problem organizations must solve is safeguarding the modern mesh of SaaS and cloud accounts.

How much are rogue AWS accounts costing your organization?

Between wasted AWS credits, unexpected bills, and abuse, the potential cost of unmonitored AWS accounts can add up quickly.

Are the security risks of AI productivity tools worth the reward?

While AI tools like ChatGPT can be a boon for productivity, they also raise security and privacy concerns. What can IT and security teams do to minimize the risks?

Have we taken zero trust too far?

Why applying the concepts of zero trust broadly to employees is a dangerous mistake for cybersecurity programs.

The dangers of rogue AWS accounts

How can you effectively secure your company’s cloud accounts when you don’t know that they exist?

An action plan for improving workforce security decisions

Enterprise teams would be wise to begin implementing an action plan that will help guide employees toward making better cybersecurity decisions in their day-to-day work.

Does blocking access force SaaS into the shadows?

While blocking may make you feel more secure, the truth is that it’s likely incentivizing more risky behaviors.

The impact of user decisions on SaaS supply chain risk

When poor cybersecurity decisions are made by employees, the negative impact on the enterprise supply chain can be significant.

Where does shadow IT come from?

Shadow IT is no longer a problem to solve—it’s a reality of modern work that must be accepted and redirected.

What is the impact of employee decisions on cyber risk?

With more access to technology and systems than ever before, it has become essential that employees make informed cybersecurity decisions.

The challenge of SOC 2 certification in a remote world

A perfect storm of SaaS sprawl, shadow IT, and remote teams makes SOC 2 certification a particularly daunting task.

Why network monitoring can’t effectively detect SaaS sprawl

In a world of distributed teams, the tools of the past simply can’t find shadow IT.

Why mining expense reports won’t find Shadow IT

In a world of remote teams and freemium offers, the tools of the past can’t curb SaaS sprawl.

Can technology be used to guide security decisions?

How advanced technology-based solutions can offer a practical solution to the challenge of optimizing security decision-making by employees.

2022 year in review at Nudge Security

That’s a wrap on Year One at Nudge Security. Here’s a look back at the highlights of our first year.

The one thing Nudge Security doesn’t do

Our product uses a powerful SaaS discovery method—but there’s one type of account it can’t find.

The best solution for discovering SaaS sprawl

Network monitoring and expense report analysis simply don’t work. The perfect side-channel attack on Shadow IT? Your inbox.

How does user discretion influence security?

Understanding how employee decisions affect cybersecurity posture is a critical first step in establishing a technology-based program that guides them toward making better choices.

How can CISOs improve the employee experience?

As workers prioritize flexible work and learning opportunities, organizational leaders must focus on creating a positive employee experience.

To curb SaaS sprawl, CISOs should think like entrepreneurs

CISOs used to be advised to “think like a hacker.” Now, facing mounting risks associated with SaaS sprawl and shadow IT, CISOs must learn to think like SaaS entrepreneurs.

Dynamic vendor assessments for a dynamic world

Our guide to adjusting vendor security assessments to match the pace and complexity of modern work.

Why the SSO tax needs to go

Single sign-on is a qualifying condition for any modern product—not a premium feature that warrants a price bump.

What to do about the impending shadow supply chain

When data breaches make headlines, it’s often difficult to know whether or not your organization sits in the blast radius.

Staring at the car wreck of SBOM

For a clear picture of supply chain risk, the real bill of materials we need is the cumulative set of integrated software, SaaS, PaaS, and IaaS.

Castra Q&A: SaaS threat detection and response

An interview with Castra’s Grant Leonard on how to prepare for the future of SaaS security.

Does privacy put you to sleep? You’re not alone!

Conversations about privacy are complex, but they’re essential for creating safety, equity, and understanding.

Signaling the rise of SaaS supply chain attacks

Recent data breaches at Signal, Twilio, MailChimp, and others underscore the imperative of securing the SaaS supply chain.