SaaS risks come into focus

My company is pretty much all in with software as a service (SaaS). At this point, in fact, only three major applications live on our corporate network: our source code repository, bug tracking system and departmental fileshares. And most of our users don’t need those applications to get their jobs done, instead relying on another 90 or so applications, all of which live on the internet and thus are available from anywhere in the world. (There are a few exceptions, for applications that are configured to restrict access by IP address.)