Aspire Systems hosted a webinar “Managing the Security Threat in SaaS: Essential How-to’s” recently, featuring Alexey Lef, Chief Technical Architect of SciQuest and Jothi Rengarajan, Senior Technical Architect of Aspire Systems.
There was a good response from Technology heads and Product Managers from companies already having SaaS as a delivery model and those looking to transition. The presentation can be found here upon registering, and answers to the questions discussed during the webinar can be downloaded here.
Alexey started the discussion with a hypothetical business case of a medical company offering a SaaS solution. The company had security challenges and he discussed the steps taken by their CEO, Bob to resolve these challenges. He talked about addressing security not just at the application level, but holistically at all levels in an organization. He discussed how Bob started looking at the product development and QA function and one by one looked at all the functions such as customer service, data center operations, internal network support, sales, HR, etc. Alexey emphasized how security should be addressed at a cultural level in an organization.
Jothi took the session forward covering in depth the key areas in application security which seems to be the major security challenge faced by any SaaS provider. She discussed Data Security, Access Control Security and Security in the Cloud.
Some key takeaways from the session were:
- Factors & Goals to be considered in Security
- Security as a Culture in a corporate setting
- Data Security: Storage Architecture, Design Schemas and Audit Trials
- Access Control Security: Authentication and Authorization
- Cloud Security: considerations in moving to a public cloud
If you’d like to know more about this webinar, or have any feedback, please feel free to contact email@example.com