Access your Pro+ Content below.
Carefully evaluate providers' SaaS security model
This article is part of the December 2009 issue of Information Security magazine
As the director of IT for a non-profit, Richard Navarro needed an affordable network monitoring application that would allow his small staff to quickly hunt down the root cause of email outages and other problems. He found what he was looking for from AccelOps, delivered via an outsourcing model that would give most IT administrators pause: software-as-a-service. Did he worry about security? Absolutely. "Who had access to their environment? Where was the environment being stored? What was the change control around it?" These were questions that Navarro, of the Jewish Home of San Francisco, a skilled nursing facility specializing in services for seniors, was asking. His concerns were allayed after conducting an assessment of AccelOps, which included looking at who would be accessing data, how that access would be secured, and what data the vendor would store--no personal health information, only network traffic data. He also made sure data transported from the nonprofit to the vendor was encrypted. SaaS is becoming increasingly ...
Access this Pro+ Content for Free!