Majority of SaaS applications and AI tools are unmanaged

A new report reveals that 90 percent of SaaS applications and 91 percent of AI tools within enterprises remain unmanaged, suggesting a widespread vulnerability that continues to grow.

The study from Grip Security highlights the limitations of traditional security strategies in combating 'SaaS risk creep' the number of SaaS applications used in an enterprise increased by 40 percent over the last two years.

At the same time the number of SaaS applications per employee has steadily risen, marking an 85 percent increase in numbers of accounts per user. However, 73 percent of provisioned users never use their SaaS application license.

There's a similar issue with AI, ChatGPT was found in 96 percent of analyzed organizations, and usage has increased 24x since its launch. 42 percent of popular AI applications have SAML (Security Assertion Markup Language -- that enables security across multiple apps) capabilities, but 80 percent of these apps are not managed and federated with the SAML protocol.

"The sheer volume of unmanaged SaaS apps and AI tools we found in organizations shows the large gap between perceived and actual security," says Lior Yaari, co-founder and CEO of Grip Security. "Businesses need real-time visibility into these applications and a risk governance program to manage their risks to stay ahead of the curve."

The report highlights concern around the rise of Shadow SaaS and Shadow AI -- applications used without IT's visibility or control. These applications put organizations at risk of data breaches, non-compliance issues, operational inefficiencies and confidential information leaks. As Gartner predicts that by 2027, 75 percent of employees will use technologies outside IT's oversight, organizations must rethink their SaaS security strategies to address the growing risk of unmanaged applications.

"As SaaS continues to grow, businesses can't afford to rely on outdated tools. A holistic, identity-driven approach is now critical to ensure SaaS security and risk management," adds Yaari. "The consequences of inaction are too severe -- it's time for enterprises to address this risk proactively and rethink their security strategies to match the speed of SaaS adoption."

The full report is available from the Grip site.

Image credit: -goldy-/depositphotos.com