How To

Recently, two of our co-founders, Mark Evans and Ben Soulier, were interviewed by Alex Wood at the popular Colorado = Security podcast.

 

Below, we’ve transcribed the Podcast if you want to scan and get the gist. If you’re interested in listening, look up Colorado Security on your favorite podcast app, listen to episode 102, and jump to about 27 minutes and 40 seconds in to hear the interview with Mark and Ben.

 

What are some highlights?

 

• Learn more about Alpin’s founding and story

• Get the lowdown on why companies use Alpin

• See how Alpin fits in the security landscape with CASBs, firewalls and more

• Listen to Mark and Ben discuss their vision for the future

– Upcoming features for the App

– What’s next for Alpin the company

 

It’s a question more people at more companies are asking – what’s actually happening inside our cloud?

 

Intentionally or not, many IT departments have allowed “distributed software purchasing decisions.” Employees have signed up for, purchased, and expensed software independently. (And of course, a lot of SaaS subscriptions aren’t even paid.) As a result, SaaS has grown rapidly and is expected to continue growing in 2019. However, many IT leaders now wonder if some “collaborative oversight”* may be necessary to ensure security, compliance, and reasonable costs.

 

 

This guide will walk you through the necessary steps for managing all SaaS accounts or subscriptions. If you’re looking to garner support internally for such a project, check out our guide a Shadow IT cleanup initiative.

 

While you can attempt to follow the steps below manually using our free spreadsheet template, this guide assumes you would rather avoid mind-numbing, time-wasting manual efforts, and instead want to automate managing these SaaS accounts. To that end, we describe the process using Alpin – it’s what we built Alpin for!

 

* Most of our customers want to preserve their company’s distributed decision-making for using and purchasing cloud software, augmented with oversight in a central dashboard. And, Alpin opens up new methods of control or management. For instance, G Suite administrators can blacklist applications or revoke user access tokens directly in Alpin, after being shown the offending apps and affected users.

 

Swisscom logo and wordmark
800,000 customers of Swisscom had their personal information leaked when a supplier’s access credentials were “misappropriated.” That’s bad news for those 800,000 people, bad PR for Swisscom, and bad business for the supplier. And with GDPR implementation only a few months away, it is a stark warning: YOU are responsible for your suppliers. They must be compliant with the GDPR, because if your customers’ data is compromised due to their fault, you are still responsible. So, get started now to ensure that your suppliers are GDPR-compliant. Alpin can help by automating the process.

whack a mole 1

If you are running G Suite, you’ve likely noticed how incredibly easy it is for your users to allow access to sensitive information. We have seen notable cases like this and this where seemingly innocuous permissions have resulted in significant data breaches.

Why does this happen?

Google and third party apps have prioritized user adoption and ease of use. This has led to the unintended consequence of easily allowing users to provide access to their data — and at work, that may mean sensitive company data.

despaired 2261021 640

Most companies think they have a handle on managing SaaS spend. The truth is that cloud adoption is still largely obscured from IT and it is likely that you’re only partially aware of your total SaaS spend.

For example, a user might charge a Slack subscription to their personal credit card yet wait a month or more to submit it for reimbursement. By the time the Slack subscription is seen in your finance system, significant charges may have accrued.

top3

Getting control of your SaaS applications and services can seem like a daunting task. So how do you make it happen? Break it down into the most important areas, tackle each one, and you’ll be back in control. Here’s the playbook for the Top 3 SaaS management actions.

Today we’ll start with an overview, and in future posts we’ll dive into each area in detail.