Home » Data Center Security Finds Solutions in Software as a Service

Data Center Security Finds Solutions in Software as a Service

October 1, 2012

Software as a Service (SaaS) is a delivery model in which applications are hosted at an outsourced data center and sold to the enterprise security or IT user as a monthly subscription. With the physical security industry increasingly shifting to this approach, it is crucial that government buyers understand what security factors to consider when looking for a SaaS provider, according to Steve Van Till of Brivo Systems.

Because data security is still reported as the number one CIO concern with outsourced application services, it also needs to be the number one concern for the physical security SaaS buyer. “First and foremost, this means that you need to ensure that SaaS providers undergo regular third-party application security audits, and that they are willing to share those results with you in writing. There are a variety of standards that govern security audits, but one of the most common in the U.S. is SAS-70. Other standards to look for would include SysTrust, WebTrust or ISO 27001/2, depending on the application,” Van Till says.

Because SaaS security systems exchange data between on-premise devices and off-premise hosted applications, they need connections through the corporate firewalls, Van Till points out. There are both safe and unsafe ways to do this.

In a nutshell, enterprise security devices, such as control panels, cameras, etc., should be initiating the connection to the hosting data center, and not vice-versa. “Why’s that? First of all, you never want to open any inbound ports on your firewall unnecessarily. That’s just bad policy,” explains Van Till. “Second, firewalls are typically already configured to allow outbound connections from your network to external services points, such as Web sites. This principle explains how your corporate network can safely allow employees to connect to millions of Internet sites without specifically having to identify each one in advance, and, at the same time, keep millions of hackers from gaining entry into your network or personal computer. You should ask no less from your physical security solution.”

I want to hear from you. Tell me how we can improve.

BNP Media Owner & Co-CEO, Tagg Henderson

You must login or register in order to post a comment.

Locations that were once considered safe havens such as schools, places of worship and healthcare institutions are no longer immune to acts of violence, and that includes healthcare, such as hospitals, emergency rooms, and facilities that provide healthcare outside of a hospital environment.

Poll

Emergency Communications

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2020 January

This month, Security magazine highlights the importance of establishing the right metrics for your security program. Also, we highlight Eric Clay, Director of Public Safety for CoxHealth, and discuss how to build a successful K-9 Program and rethink "red flags" to prevent insider threat attacks. Industry leaders discuss this year's Presidential Election security and 2020 predictions for the security industry.

View More Create Account

Data Center Security Finds Solutions in Software as a Service

Related Articles

Related Products

Related Events

Report Abusive Comment