According to Aaron Costello, chief of software-as-a-service (SaaS) research at AppOmni, the impact of this misconfiguration is to unintentionally and unknowingly create and deploy a public-facing, default stock website through which data can be exfiltrated with relative ease. He said that many of the affected users had absolutely no idea they were leaking data by the bucket-load as a result.
Many organisations are struggling to implement and maintain a robust SaaS security programme. Through research like this, AppOmni strives to educate and equip organisations so that they may be better prepared to identify and tackle both known and unknown risks to their SaaS applications.
My research found that thousands of these organisations are leaking sensitive customer data to the public through misconfigurations in their access controls. The sheer scale at which I found these exposures to be occurring is significant.
NetSuite is one of the world's leading enterprise resource planning [ERP] systems and handles business-critical data for thousands of organisations.
Collection
[
|
...
]