Which Threat Concerns You Most?

by Shawn Ryan
VP Technology Marketing & Chief Architect
Axway

Phil Cox wrote earlier this week in a TechTarget piece that his “experience has shown that the top three threats you’ll have to deal with in a SaaS offering are weak credentials, insecure protocols, and Web-based application flaws.”

In general, I agree with his observation.

Regarding the first point, yes, enforcing password policies strengthens users’ credentials.

The second item, insecure protocols, is of greater interest, and it can and should be converted from a risk into a strategic edge. But you should do more than merely secure. You should secure with a strategy for management and governance on the interaction patterns and make your organization more nimble as your SaaS opportunities come online and as you extend your existing on-premise enterprise services.

Interactions with SaaS providers require points of integration and need to be secured and managed by a strong B2B or MFT offering to provide security, auditing and compliance. The offering must provide security on top of files, messages and Web services, tying your internal systems and processes with the external SaaS framework. If you don’t have a strategy for how you interact across the four walls of your enterprise with SaaS providers, you’re either going to be saddled with the costs of VPNs or you’re going to put your organization at unthinkable risk.

To avoid this risk, an organization’s business interaction strategy should include an optimal method for interacting with partners and SaaS providers. In order to continue to gain a competitive edge and cost savings from SaaS, your organization needs strong, agile, secure and process-oriented B2B governance for all B2B interactions, including file transfers, messages, Web services and more.

Finally, when implementing these strategies, think through everything, even traditional things that you may do with your customers and suppliers, like EDI. Then ask yourself, “How will I provide security and governance on interactions with all partners, including those providing SaaS- or cloud-based services?”

Your answer to that question will highlight which of Phil Cox’s top three threats should concern you most, and the questions you need to ask your B2B vendor will become clear.

Leave a comment

No comments yet.

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s