What is SaaS?

Software-as-a-service (SaaS) is a cloud-based method that provides software to organizations or users. Rather than purchasing an application, users can subscribe to use an application from a third-party provider over the internet without having to install it on their devices, manage the infrastructure, or provide any maintenance.

What are examples of SaaS and how do they work?

SalesForce

A web browser-based platform that provides tools for managing customer interactions, tracking sales/marketing leads, and automating sales processes.

Dropbox

A web browser or application-based file storage solution on which users can upload and share files on the cloud.

Microsoft 365

A suite of cloud-based services that can be accessed via a browser without local instillation, including Microsoft Word, Microsoft Powerpoint and Microsoft Excel.

SaaS vs IaaS vs PaaS

IaaS (Infrastructure-as-a-Service)

Provides on demand, pay-as-you-go virtualized computing services, network, and storage resources.

PaaS (Platform-as-a-Service)

PaaS includes operating systems and database management and development tools that developers need to build and run applications.  

SaaS (Software-as-a-Service)

SaaS is an application delivery model that allows users to access data and conduct work activity via an application that is accessible over the internet.

What are the benefits of SaaS for organizations?

Cost Efficiency

SaaS operates in shared or multi-tenant environments, leading to reduced hardware and software license costs in comparison to traditional models. SaaS also offers pay-as-you-go pricing, allowing users to pay for services that they need, when they need it.

Scalability and Integration

Scalable cloud environments typically host SaaS solutions, allowing them to adapt to changing requirements and ensuring smooth integration with other SaaS offerings.

Easy to use

SaaS offerings prioritize user-friendliness, simplifying usage without the need for extensive customization.

Reduced Time to Benefit

SaaS distinguishes itself by having pre-installed and configured software. This will allow to the product to be quickly available after the set up, minimizing installation and configuration time for swift deployment.

Upgrades

SaaS providers handle upgrades, making new features available to users. This reduces costs and effort associated with traditional upgrade models.

What challenges do organizations face using SaaS?

Data Loss

Organizations face reduced control and visibility over their data in SaaS environments, raising concerns about potential data loss. In addition, there are some security concerns on how the third-party SaaS providers may handle the data.

Compliance

Compliance issues, like data protection regulations (like GDPR or HIPAA) can be an issue for organizations using SaaS solutions.

Shared Responsibilities

Some SaaS customers lack a foundational understanding of the shared responsibility model, as not all providers publish relevant matrices or artifacts. This lack of clarity can hinder effective security measures.

Unauthorized Access

The use of SaaS introduces an elevated risk of user account takeover, partially due to SaaS exposure on the internet.

Insecure Application Programming Interfaces

Integrating SaaS solutions with existing on-premises systems or other SaaS applications can lead to complication of non-compatibility between services or tools.

Dependency on Internet Connectivity

SaaS applications, reliant on internet connectivity, pose a challenge as disruptions in service can impact critical application access, affecting overall business operations.

How does Darktrace support security efforts for SaaS users?

Darktrace/Cloud or Darktrace/Apps can detect and respond malicious or unusual behavior on the cloud and on a wide range of collaboration tools such as Microsoft Teams, SharePoint, Dropbox and Google Workspace.