SaaS Challenges & Security Concerns
Kannan Subbiah
Knowledge Universe Technologies India Pvt Ltd
Slide 2
• Own a house vs. Rent a house
• Own a Car vs. Engage Call Taxi
Slide 3
• Chargeable unit
• Geographical boundary
• Business Domain
• Implementation Partners
• …

• Hosting infrastructure
• Support Multi-tenancy
• Scalability
• Internationalization
• …

• On-boarding / Exit
• Customer Support
• Service Level
• Contract terms
• …
Slide 4 (chart: Affordability rising against Time, through four delivery stages)
• In-house: H/W, S/W owned and managed.
• Hosted: Software owned and managed, infrastructure rented.
• Hosted (ASP): Software rented, but not designed to scale.
• Subscribed: Self subscribe to the software or parts of software; customizable by tenants to an extent.
Slide 5
• Multi Tenancy
• Subscription based service
• Scalability
• Manageability
• Self Service Sign-up
• Tenant specific customization
Slide 6
Attribute                 Traditional                       SaaS
Application Delivery      Installed                         Hosted
Updates / Release Cycle   Larger / Longer                   Smaller / Shorter
Pricing                   One Time + Maintenance            Subscription
Accounting                CAP-EX                            OP-EX
Implementation            Engage Partners / consultants     Simple, end user configurable
Operating Platform        Multiple                          Single
Value proposition         Once at the time of selling       Continuous
Slide 7
• Pay per use
• Anywhere access
• Subscription to service, not software
• Least or no investment on infrastructure
Slide 8
• Stronger protection for IPR
• Operational control of the environment
• Recurring revenue stream
• Shared Infrastructure – PaaS / IaaS
Slide 9
• Microsoft – 4 levels
  - Scalability, Multi-Tenancy and Configuration
• Forrester – 6 levels
• SEI – for assessing the organization and not the application
• Euro Cloud Star Audit
• None of them are popular
Slide 10
• Level 0 – Outsourcing
• Level 1 – Manual ASP
• Level 2 – Industrial ASP
• Level 3 – Single-app SaaS
• Level 4 – Business Domain SaaS
• Level 5 – Dynamic Business Apps
Slide 12
• Solution Design to address
  - Internationalization
  - Cloud Infrastructure
  - Support business & operating model
  - Multi-tenancy
  - Extensibility
  - Security and Audit
  - Wider scope - cover industry needs
Slide 13
• Must Support
• Larger impact
• SLA driven
• Disclaimers
• Increased Focus on
  - Reliability
  - Availability
  - Extensibility
  - Scalability
  - Quality, etc.
Slide 14
• Migration from existing software
• Application Integration
• Data Integration
• Data Mining
• Authentication, Single Sign-on
• Network infrastructure
Slide 15
• Areas of support to include
  - Hosting infrastructure
  - Data center operations
  - Systems and network monitoring
  - Billing
  - Customer education
• Longer customer retention for better RoI
Slide 16
• Agile approach
• Rapid releases and upgrades
• Primary focus on
  - Rapid action on feedback
  - Usage statistics
  - Predict industry trends
  - Platform and tools used
  - Automated testing
  - Service aggregation
Slide 17
• Driving Contracts online
• Termination and Migration
• Security, Privacy and related risks
• Country specific regulations
• SLAs
Slide 18: SaaS Security (diagram of the concern areas; each is detailed on the slides that follow)
• Data Security
• Data Segregation
• Deployment Model
• Deployment Environment
• Network Security
• Regulatory Compliance
• Availability
• Back up & Recovery
• IdM & SSO
Slide 19: Data Security
• Data Location
• Data Encryption
• Data Integration APIs
• Access Logs
• Return / destruction of data upon exit
Slide 20: Data Segregation
• Understand the Data & Application Architecture
  - Separate Physical / Virtual Server(s)
  - Separate Instance on shared hardware
  - Separate Database
  - Shared Database
• Authentication and Authorization
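Of the four options above, the Shared Database model is the one where segregation lives entirely in application code, which is why the slide pairs it with authentication and authorization. The following is an added example, not code from the deck or its author: a tenant-scoped repository over a hypothetical invoices table, with constructed tenants acme and globex and hypothetical admin/user roles, beside the unscoped lookup it is meant to rule out.

```python
"""Tenant-scoped data access for the 'Shared Database' segregation model.

Added example (not from the slide deck): rows of every tenant share one table,
told apart only by tenant_id, so segregation lives entirely in application
code. A repository adds the tenant predicate from the authenticated session
to every query, so callers cannot forget it. All data here is constructed.
"""
import sqlite3
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    """Outcome of authentication: the caller, their tenant and their role."""
    user: str
    tenant_id: str
    role: str  # hypothetical roles: "admin" or "user" within the tenant


class TenantScopeError(Exception):
    """Raised when a lookup lands outside the caller's own tenant."""


class InvoiceRepository:
    """Every read and write is scoped by the session's tenant_id."""

    def __init__(self, conn: sqlite3.Connection):
        self.conn = conn

    def list_invoices(self, session: Session) -> list[tuple[str, int]]:
        # The tenant filter comes from the session, never from request input.
        rows = self.conn.execute(
            "SELECT invoice_no, amount FROM invoices WHERE tenant_id = ? "
            "ORDER BY invoice_no",
            (session.tenant_id,),
        ).fetchall()
        return [(r[0], r[1]) for r in rows]

    def get_invoice(self, session: Session, invoice_no: str) -> tuple[str, int]:
        # Keyed on tenant_id AND invoice_no: a guessed number cannot cross tenants.
        row = self.conn.execute(
            "SELECT invoice_no, amount FROM invoices "
            "WHERE tenant_id = ? AND invoice_no = ?",
            (session.tenant_id, invoice_no),
        ).fetchone()
        if row is None:
            # Same error whether the row is another tenant's or does not exist,
            # so the response does not confirm other tenants' identifiers.
            raise TenantScopeError(f"{invoice_no} not found in {session.tenant_id}")
        return (row[0], row[1])

    def delete_invoice(self, session: Session, invoice_no: str) -> int:
        # Authorization (role) and tenant scoping are both enforced on writes.
        if session.role != "admin":
            raise PermissionError("only tenant admins may delete invoices")
        cur = self.conn.execute(
            "DELETE FROM invoices WHERE tenant_id = ? AND invoice_no = ?",
            (session.tenant_id, invoice_no),
        )
        self.conn.commit()
        return cur.rowcount


def build_sample_db() -> sqlite3.Connection:
    """Constructed data: two tenants in one table, each numbering its own
    invoices, so 'INV-1' exists for both of them."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE invoices (tenant_id TEXT NOT NULL, invoice_no TEXT NOT NULL, "
        "amount INTEGER NOT NULL, PRIMARY KEY (tenant_id, invoice_no))"
    )
    conn.executemany(
        "INSERT INTO invoices VALUES (?, ?, ?)",
        [("acme", "INV-1", 100), ("acme", "INV-2", 250), ("globex", "INV-1", 999)],
    )
    conn.commit()
    return conn


def unscoped_lookup(conn: sqlite3.Connection, invoice_no: str) -> list[tuple[str, int]]:
    """The defect the repository prevents: a lookup keyed on the record id only,
    which in a shared database returns every tenant's row with that number."""
    rows = conn.execute(
        "SELECT tenant_id, amount FROM invoices WHERE invoice_no = ?", (invoice_no,)
    ).fetchall()
    return [(r[0], r[1]) for r in rows]
```

The same pattern applies to the other shared-resource options on the slide (shared hardware, shared instance): whatever the tenants share, the tenant identity must come from the authenticated session and be applied on every access path, reads and writes alike.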
Slide 21: Deployment Model
• Security aware developers
• Application Design
  - Application / Data Partitioning
  - Information Sensitivity
  - Design for Performance & Scalability
• Configuration Management
• Security Testing
• Threat Remediation
• Build & Release Cycles
Slide 22: Deployment Environment
• Boundary Protection
• Resource Priority
• Configuration Management
• Cloud Infrastructure
  - Certification / accreditation
  - Continuous Monitoring
  - Audit
Slide 23: Network Security
• Transmission Integrity
  - Secure Data in transit (SSL)
• Intrusion Detection & Prevention
• Other standard security measures against:
  - Man-in-the-middle
  - IP Spoofing
  - Port Scanning
  - Packet Sniffing
Slide 24: Regulatory Compliance
• Global Legal compliance
  - SAS 70
  - SOX
  - HIPAA
  - …
• Contractual obligations
• Need for Logs and Audit Trails
• Data Retention needs
Slide 25: Availability
• Application Design and Architecture
  - Design for performance
  - Graceful exits
  - Instance Isolation
  - Custom Code Modules
• SLA
  - Uptime Guarantees
  - Maintenance / Outage Notifications
  - Documented BC & DRP plans
• Code Escrow
Slide 26: Back up & Recovery
• Infrastructure
• Protection of backup location
  - Encryption
  - Access control to backup location
• Recovery
  - Documented process
  - Drills
Slide 27: IdM & SSO
• Who manages it?
• Checks & Controls
  - ID provisioning
  - Secure storage
  - Password Policies
• Federated IdM
  - Trust relationships with tenants
  - Secure federation of user identities
Slide 28: Follow Me
• Email: kanna@vsnl.com
• Facebook: http://www.facebook.com/kannan.subbiah
• LinkedIn: http://in.linkedin.com/in/ksubbiah
• Blog: http://www.kannan-subbiah.com
