|
QUESTION 4: Is there a single-tenant hosting option separated from that of other customers?
Another complicating factor is that in a true SaaS multi-tenant deployment, your company's data may be side-by-side with another company's data.
So it's important to understand how things are kept separate.
"The risk is that your data could leak out of your environment and be seen by other customers, potentially even their competitors," says Acumen's Stanley.
There are several ways in which customer data can be separated, and it's important to understand which method your SaaS provider uses, she says. For example, if the division occurs within the application itself, a bug within the application could cause a failure of separation, meaning your data cou...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
ld be exposed to other customers or, in a worst-case scenario, to the outside world. Another way of keeping customers separate involves working with separate Web servers running on shared hardware.
The rise of virtualization, with customers potentially hosted on different virtual machines, should make separation easier. But Burton Group cautions that while this will cut down on risks, these virtual operating systems are subject to the same risks. Moreover, the hypervisor management layer adds a level of vulnerability.
Stanley says your provider should run regular tests for data leaks. If it is not, you might be better off insisting on a single-tenant data storage option (closer to outsourcing) or looking for a provider that offers this choice, she says.
|
 |
|
