SaaS Challenges & Security Concerns
This presentation is made out for the Chartered Accountants community at Chennai in the last week of January 2011. Comments and feedback are welcome.

Published in: Technology
  1. Kannan Subbiah, Knowledge Universe Technologies India Pvt Ltd
  2. Own a house vs. rent a house; own a car vs. engage a call taxi
  3. Dimensions of a SaaS offering: chargeable unit; geographical boundary; business domain; implementation partners; …; hosting infrastructure; support; multi-tenancy; on-boarding / exit; scalability; customer support; internationalization; service level; …; contract terms; …
  4. Evolution of software delivery (chart of affordability against time):
     - In-house: H/W and S/W owned and managed
     - Hosted (ASP): software rented, but not designed to scale
     - Subscribed: subscription to the software or parts of the software; software customizable by tenants to an extent; infrastructure owned and managed by the provider
     - Self-subscribe: hosted on rented infrastructure
  5. Characteristics of SaaS: multi-tenancy; subscription-based service; scalability; manageability; self-service sign-up; tenant-specific customization
  6. Traditional software vs. SaaS:

     Attribute                Traditional                      SaaS
     Application Delivery     Installed                        Hosted
     Updates / Release Cycle  Larger / Longer                  Smaller / Shorter
     Pricing                  One Time + Maintenance           Subscription
     Accounting               CAP-EX                           OP-EX
     Implementation           Engage Partners / consultants    Simple, end-user configurable
     Operating Platform       Multiple                         Single
     Value proposition        Once, at the time of selling     Continuous

  7. Benefits for the customer: pay per use; anywhere access; subscription to a service, not to software; least or no investment in infrastructure
  8. Benefits for the vendor: stronger protection for IPR; operational control of the environment; recurring revenue stream; shared infrastructure (PaaS / IaaS)
  9. SaaS maturity models: Microsoft – 4 levels (scalability, multi-tenancy and configuration); Forrester – 6 levels; SEI – assesses the organization and not the application; EuroCloud Star Audit. None of them is popular.
  10. Forrester's six levels: Level 0 – Outsourcing; Level 1 – Manual ASP; Level 2 – Industrial ASP; Level 3 – Single-app SaaS; Level 4 – Business-domain SaaS; Level 5 – Dynamic Business Apps
  11. Solution design has to address: internationalization; cloud infrastructure; support for the business and operating model; multi-tenancy; extensibility; security and audit; wider scope, covering industry needs
  12. Must support: larger impact; SLA-driven operation; disclaimers. Increased focus on reliability, availability, extensibility, scalability, quality, etc.
  13. Integration concerns: migration from existing software; application integration; data integration; data mining; authentication and single sign-on; network infrastructure
  14. Areas of support to include: hosting infrastructure; data center operations; systems and network monitoring; billing; customer education. Longer customer retention gives better RoI.
  15. Engineering approach: agile; rapid releases and upgrades; primary focus on rapid action on feedback, usage statistics and predicting industry trends; platform and tools used; automated testing; service aggregation
  16. Contractual and legal concerns: driving contracts online; termination and migration; security, privacy and related risks; country-specific regulations; SLAs
  17. SaaS security overview (the areas covered in the following slides): Data Security; IdM & SSO; Data Segregation; Backup & Recovery; Deployment Model; Availability; Deployment Environment; Regulatory Compliance; Network Security
  18. Data Security: data location; data encryption; data integration APIs; access logs; return / destruction of data upon exit
  19. Data Segregation: understand the data and application architecture and which isolation model is in use:
     - separate physical / virtual server(s)
     - separate instance on shared hardware
     - separate database
     - shared database
     Authentication and authorization are what keep tenants apart in the shared models.
  20. Deployment Model: security-aware developers; application design (application / data partitioning; information sensitivity; design for performance and scalability); configuration management; security testing; threat remediation; build and release cycles
  21. Deployment Environment: boundary protection; resource priority; configuration management; cloud infrastructure (certification / accreditation; continuous monitoring; audit)
  22. Network Security: transmission integrity (secure data in transit with SSL/TLS); intrusion detection and prevention; standard measures against man-in-the-middle attacks, IP spoofing, port scanning and packet sniffing
  23. Regulatory Compliance: global legal compliance (SAS 70; SOX; HIPAA; …); contractual obligations; need for logs and audit trails; data retention needs
  24. Availability: application design and architecture (design for performance; graceful exits; instance isolation; custom code modules); SLA (uptime guarantees; maintenance / outage notifications; documented BC and DRP plans); code escrow
  25. Backup & Recovery: infrastructure; protection of the backup location (encryption; access control to the backup location); recovery (documented process; drills)
  26. IdM & SSO: who manages it? Checks and controls (id provisioning; secure storage; password policies); federated IdM (trust relationships with tenants; secure federation of user identities)
  27. Follow Me: Email: kanna@vsnl.com; Facebook: http://www.facebook.com/kannan.subbiah; LinkedIn: http://in.linkedin.com/in/ksubbiah; Blog: http://www.kannan-subbiah.com
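Slide 19 lists the segregation options from separate servers down to a shared database, and names authentication and authorization as what holds the shared models together. The following is an added example (not from the deck) of the shared-database model in Python: every query carries the tenant predicate taken from the authenticated principal rather than from the request, and a deliberately unscoped lookup shows the cross-tenant leak that predicate prevents. The schema, tenant names and rows are constructed for illustration.

```python
"""Shared-database tenant segregation (added example, not from the deck).

Uses an in-memory SQLite database with constructed rows for two
hypothetical tenants, "acme" and "umbrella".
"""
import sqlite3
from dataclasses import dataclass


@dataclass(frozen=True)
class Principal:
    """Authenticated caller: identity plus the tenant the IdP bound it to."""
    user: str
    tenant_id: str
    roles: frozenset


def build_db() -> sqlite3.Connection:
    """Create the shared schema and load the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE invoices ("
        " id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL,"
        " customer TEXT NOT NULL, amount REAL NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO invoices (tenant_id, customer, amount) VALUES (?, ?, ?)",
        [("acme", "Globex", 1200.0), ("acme", "Initech", 350.0),
         ("umbrella", "Hooli", 9900.0)],
    )
    # Every query filters on tenant_id, so index it.
    conn.execute("CREATE INDEX ix_invoices_tenant ON invoices(tenant_id)")
    return conn


class TenantScopedInvoices:
    """Repository that pins every statement to the caller's tenant.

    The tenant id comes from the authenticated principal, never from a
    request parameter, so a user cannot ask for another tenant's rows.
    """

    def __init__(self, conn: sqlite3.Connection, principal: Principal):
        self._conn = conn
        self._p = principal

    def list_invoices(self) -> list:
        rows = self._conn.execute(
            "SELECT id, customer, amount FROM invoices"
            " WHERE tenant_id = ? ORDER BY id",
            (self._p.tenant_id,),
        ).fetchall()
        return [{"id": r[0], "customer": r[1], "amount": r[2]} for r in rows]

    def get_invoice(self, invoice_id: int):
        """Primary-key lookup still carries the tenant predicate: an id
        guessed from another tenant yields None rather than their data."""
        row = self._conn.execute(
            "SELECT id, customer, amount FROM invoices"
            " WHERE id = ? AND tenant_id = ?",
            (invoice_id, self._p.tenant_id),
        ).fetchone()
        return None if row is None else {"id": row[0], "customer": row[1],
                                         "amount": row[2]}

    def delete_invoice(self, invoice_id: int) -> bool:
        """Write path: role check (authorization) plus tenant scoping."""
        if "admin" not in self._p.roles:
            raise PermissionError(f"{self._p.user} may not delete invoices")
        cur = self._conn.execute(
            "DELETE FROM invoices WHERE id = ? AND tenant_id = ?",
            (invoice_id, self._p.tenant_id),
        )
        return cur.rowcount == 1


def unscoped_get_invoice(conn: sqlite3.Connection, invoice_id: int):
    """The defect the slide warns about: a lookup that forgets the tenant
    predicate. Anyone who guesses an id reads another tenant's row."""
    row = conn.execute(
        "SELECT id, tenant_id, customer FROM invoices WHERE id = ?",
        (invoice_id,),
    ).fetchone()
    return None if row is None else {"id": row[0], "tenant_id": row[1],
                                     "customer": row[2]}


def demo() -> dict:
    """Run the scoped and unscoped lookups as an acme user."""
    conn = build_db()
    repo = TenantScopedInvoices(conn, Principal("alice", "acme", frozenset({"user"})))
    return {
        "acme_sees": [i["customer"] for i in repo.list_invoices()],
        "acme_reads_umbrella_row": repo.get_invoice(3),
        "unscoped_leak": unscoped_get_invoice(conn, 3)["tenant_id"],
    }


if __name__ == "__main__":
    print(demo())
```

The separate-database and separate-instance models on the same slide make this filter unnecessary because the connection itself is tenant-specific; the shared-database model trades that for cost, and the price is that every statement, including deletes and updates, must carry the predicate.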
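Slide 26 calls for federated identity management with trust relationships per tenant and secure federation of user identities. The following added example (not part of the original presentation) shows what the service-provider side of such a trust relationship has to check before accepting an assertion from a tenant's IdP: a known issuer, a valid signature, the right audience, an unexpired and unreplayed assertion, and, specific to multi-tenant SaaS, that the issuer is bound to the tenant it vouches for. The token format (base64url JSON with an HMAC-SHA256 tag), the issuer URLs and the shared keys are assumptions standing in for a SAML or OIDC deployment, where the same checks apply to the XML signature or JWT.

```python
"""Federated SSO for SaaS: verifying a tenant IdP's assertion.

Added example, not from the deck. Token format, issuer names and keys are
assumptions; the checks are the ones any SAML/OIDC verifier must make.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class TenantIdP:
    """A tenant's identity provider. Signs assertions with a key shared with
    the SaaS provider (symmetric HMAC stands in for real signatures)."""

    def __init__(self, issuer: str, key: bytes):
        self.issuer, self.key = issuer, key

    def issue(self, subject: str, audience: str, tenant_id: str,
              ttl: int = 300, now=None) -> str:
        now = int(time.time() if now is None else now)
        body = {"iss": self.issuer, "sub": subject, "aud": audience,
                "tenant": tenant_id, "iat": now, "exp": now + ttl,
                "jti": secrets.token_hex(8)}       # unique id for replay checks
        payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
        tag = hmac.new(self.key, payload, hashlib.sha256).digest()
        return f"{_b64(payload)}.{_b64(tag)}"


class SaaSProvider:
    """Service-provider side: a trust registry of tenant IdPs and the checks
    every assertion must pass before a session is created."""

    def __init__(self, audience: str, trust: dict):
        self.audience = audience
        self.trust = trust            # issuer -> (shared key, tenant it may vouch for)
        self._seen_jti = set()

    def verify(self, token: str, now=None) -> dict:
        now = time.time() if now is None else now
        try:
            payload_b64, tag_b64 = token.split(".")
            payload, tag = _unb64(payload_b64), _unb64(tag_b64)
            body = json.loads(payload)
        except (ValueError, TypeError):
            raise ValueError("malformed token")
        if not isinstance(body, dict):
            raise ValueError("malformed token")
        entry = self.trust.get(body.get("iss"))
        if entry is None:
            raise ValueError("untrusted issuer")
        key, bound_tenant = entry
        expected = hmac.new(key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):   # constant-time compare
            raise ValueError("bad signature")
        if body.get("aud") != self.audience:
            raise ValueError("audience mismatch")
        if not isinstance(body.get("exp"), int) or body["exp"] <= now:
            raise ValueError("expired")
        # The multi-tenant check: an IdP may only vouch for its own tenant.
        if body.get("tenant") != bound_tenant:
            raise ValueError("tenant mismatch: issuer may not vouch for this tenant")
        jti = body.get("jti")
        if not jti or jti in self._seen_jti:
            raise ValueError("replayed assertion")
        self._seen_jti.add(jti)
        return {"user": body["sub"], "tenant_id": bound_tenant, "issuer": body["iss"]}


def demo(now: float = 1_700_000_000.0) -> dict:
    """One good login followed by the failure modes the verifier must reject."""
    acme_key, umbrella_key = secrets.token_bytes(32), secrets.token_bytes(32)
    sp = SaaSProvider("https://saas.example/sso", {
        "https://idp.acme.example": (acme_key, "acme"),
        "https://idp.umbrella.example": (umbrella_key, "umbrella"),
    })
    acme = TenantIdP("https://idp.acme.example", acme_key)
    good = acme.issue("alice", sp.audience, "acme", now=now)
    results = {"login": sp.verify(good, now=now)}
    attempts = {
        "replay": good,
        "cross_tenant": acme.issue("alice", sp.audience, "umbrella", now=now),
        "wrong_audience": acme.issue("alice", "https://other.example", "acme", now=now),
        "expired": acme.issue("alice", sp.audience, "acme", ttl=10, now=now - 60),
        "forged": TenantIdP("https://idp.acme.example", b"guess")
                  .issue("alice", sp.audience, "acme", now=now),
        "unknown_issuer": TenantIdP("https://idp.evil.example", acme_key)
                          .issue("alice", sp.audience, "acme", now=now),
    }
    for name, tok in attempts.items():
        try:
            sp.verify(tok, now=now)
            results[name] = "accepted"
        except ValueError as e:
            results[name] = str(e)
    return results


if __name__ == "__main__":
    print(demo())
```

The cross-tenant case is the one a generic SSO library does not check for you: a tenant's IdP is trusted to authenticate its own users, so the service provider has to derive the tenant from the issuer it trusts, not from a claim the issuer supplies.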