Security News > 2023 > June > 3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

They raise legitimate questions about the usage and permissions of AI applications within their infrastructure: Who is using these applications, and for what purposes? Which AI applications have access to company data, and what level of access have they been granted? What is the information employees share with these applications? What are the compliance implications?

Each AI tool presents a potential attack surface that must be accounted for: Most AI applications are SaaS based and require OAuth tokens to connect with major business applications such as Google or O365.

By understanding the permissions AI applications were granted, and whether or not these permissions present risk, security professionals can tailor their security protocols accordingly.

Understanding AI application usage allows organizations to take action and manage their SaaS ecosystem effectively.

Monitoring for unusual AI onboarding, inconsistency in usage or simply revoking access to AI applications that should not be used are easily available security steps that CISOs and their teams can take today.

While AI-specific security tools are still in their early stages, security professionals should utilize existing SaaS discovery capabilities and SaaS Security Posture Management solutions to address the fundamental question that serves as the foundation for secure AI usage: Who in my organization is using which AI application and with what permissions? Answering these fundamental questions can be easily accomplished using available SSPM tools, saving valuable hours of manual labor.

News URL

https://thehackernews.com/2023/06/3-reasons-saas-security-is-imperative.html