There is a perception from the business that, if it adopts a cloudservice, the provider will take care of security. This is true to somedegree, because cloud providers are responsible for all the infrastructurethat drives SaaS applications. When using a sanctioned cloud service,users do not need to run the networking, servers, storage, firewalls,intrusion prevention systems (IPSs), distributed denial of service (DDoS),infrastructure access control and security operations centers (SOCs). WithSaaS, these security elements are \built-in," with a simple per-user,per-month billing model that enterprise SaaS applications deliver. For thelarge SaaS providers, such as Salesforce, Microsoft, IBM, Google, thebusiness can also make the entirely valid claim that these providers havea bigger and better resourced security team.
However, there are many aspects of SaaS security that most organizationsmay not know about or pay attention to. Examples of questionsorganizations may need to ask include:
In this webcast, we'll cover a variety of controls and considerationsrelated to SaaS security, with recommendations on how to improve thesecurity posture of your SaaS implementations.