Security 2020 by Schneier Bruce Howard Doug Prince Kevin & Kevin Prince

Author:Schneier, Bruce, Howard, Doug, Prince, Kevin & Kevin Prince
Language: eng
Format: epub
Publisher: John Wiley & Sons
Published: 2010-11-25T16:00:00+00:00

Implementations on the customer's premises can be slightly less complicated from a security perspective, as you can layer your access controls and existing security controls. Implementations of Microsoft SharePoint, Documentum, Alfresco, and IBM Tivoli range in scope significantly, and companies such as Oracle and Google claim to have products in this area as well. Each is unique, but relatively easy to protect in the scheme of business applications, assuming that you already have a layered security approach to your infrastructure.

From Our Contributors

Dan Summa, CEO, Kindling

My experience running several online services companies has shown me that security is always a major focus. Over the past five years, it also has become a major consideration for customers when they're evaluating online SaaS companies.

Consider the amount of data handled by, and the level of confidentiality entrusted to, many SaaS providers: Salesforce.com with every lead and customer; banking applications that allow access not only to view your data but often to perform transactions; and remote data backup and archiving that includes email and IM. You rapidly begin to understand the magnitude of the damage a breach would inflict on an enterprise or individual.

Online collaboration and crowd sourcing is truly a monumental advancement considering that most collaboration tools today are limited to internal employees. While tools like SharePoint will advance document and information sharing within an enterprise, external SaaS solutions will enable idea, information, and experience sharing across large populations without their being employees of a single company.

Our application, Kindling, is used by organizations to provide a channel for their members to collaborate around ideas—arguably the most important IP a company owns. Fifteen years ago, could you imagine any organization trusting an outside provider with this IP? These days, an external vendor often has a heightened interest in security relative to the internal organization because if a SaaS vendor is careless with information and experiences a breach or data loss, that spells the end of the venture. Additionally, the SaaS vendor can spread the cost of security measures across multiple accounts, which an internal team cannot do.

When working with a vendor to facilitate collaboration within the enterprise, it's of course essential to choose a reputable and trustworthy partner.

Ray Harris, CEO, WebCast Group

As a provider of webinar and webcast services, we must be a trusted vendor that understands and respects both the security of our client's networks and the privacy of their data. SaaS webcast providers like ourselves gather user data in the form of registrations and then deliver rich media that enters corporate networks and private networks.

Privacy and data usage terms need to be clearly stated, or a company may find their webinar vendor is using their webinar viewer list in ways they never expected. For example, at this time both Cisco and GotoMeeting take the user registration data of their client's webinars and use that data to market their webinar services. Clearly, this practice could be perceived as a violation of privacy and a misuse of data. A user may sign up to watch

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.