Software as s Service (SaaS) is here to stay. As business networks, industry representatives and ISV's, we firmly believe that the Cloud offers a major advantage to companies developing and offering their solutions as a service in the Cloud. The platform SaaSificationSecurity.com is dedicated to providing ICT privacy & security guidance to those companies wanting to make that transition, or the ones who have made the transition and are seeking to improve their privacy and security measures. SaaSificationSecurity.com is an evolving instrument, initiated by LSEC that started in May 2014, as part of the Nebucom SaaSification for ISV's activities. Our ambition is to grow beyond the Nebucom Security and serve as a global repository platform for SaaSification Security.
SaaS is rapidly changing the way software companies bring their products and services to the market. Thanks to SaaS, companies can now reach a global audience instantly.
The Cloud offers massive opportunities in going to market swiftly, extending the offering with additional services from partners and technology provider instantly, allowing to do infinite scaling if and where needed.
The Cloud also brings along a series of considerations, many related to security, privacy and control. With SaaS, another series of challenges opens up.
The aim of this website is providing guidance on :
1. security and privacy challenges for a new and existing publisher - SaaS provider, both from and end user perspective (the SaaS platform being hosted in the cloud) as from a provider perspective (the SaaS platform providing services to other end users, and being a cloud provider itself)
2. securing the applications and services themselves, from the perspective as a software vendor : considerations on software development, authentication and identity, publishing and licensing, software protection, reverse engineering protection, application server security, (in) payment processing, key management, ...
3. developing SaaS models for security vendors which are becoming part of the architecture of the cloud itself, similar to traditional security : Identity as a Service (IDaaS), Authentication as a Service (AaaS), Web application Security Firewalls, ...