Published in


Securing SaaS Solutions for Enterprise Grade Applications

… Did you know the federal judge in Minestonna now once approved targets $10000000 class action suit settlement for massive breach that expose customers credit and debit card details? If this could be you.

Very recently there was a hack in the Apple’s iCloud that resulted in release of very intimate photos of celebrities, as well as pic of customer data from a popular website called Ashley Madison. Look who got cheated? The customers are the products of ransomware. Sad irony. Ashley Madison has been in a creative business catering married people cheat on their spouses. And, now the very same customers got exposed.

If you are good at something, never do it for free

Going offline and resisting digitization in hall together is not a viable move for sustaining a business in the 21st century, perhaps be in North Korea. Connecting quick and efficient and inexpensive internet is not the only option to have a digitized environment. More and more people now shop online using web enabled mobile devices. It is obvious the data is likely captured in business based solutions by retailers. The details are most likely to be stored in the form of cookies, which are used for re-targeting by advertisers publishers and demand supply providers.

Nothing in the world comes free. The so called free basics provided by Facebook, she used to have an identity with its social network. A few years back Facebook made mistake with exposed profiles and expose all the data to the hackers. And, now in the name of FreeBasics, they are giving Free Internet and secretly capturing user data and other initimate charachter details. Can we trust a social network which has a reputation for is eccentricity, and had made its dollars and billions by selling private information, your personal choices, your preferences, your age, location, your sex, and other increment date details, including you are online browsing habits, to brands and online publishers?

HTML5 & Cross Device Scripting

Nearly 50% of all mobile apps are based on HTML5 Technology. HTML5 can come at a cost where wonder ability to injection by malicious code can be spread SMS texting across platforms like Android and IOS. What seems to be the problem with HTML5 is that it is inherently readable. Which means anyone can reuse or copy it as well as insert Malware into it. This poses serious changes to mobile sensitive information especially in cross device scripting attack.

Syracuse University’s researchers had uncovered that mobile devices running applications that are based on HTML5, are vulnerable to injection of malicious code which can be introduced by Bluetooth pairing, SMS text messaging, scanning WiFi, device scanning, 2D barcode scanning, playing MP3, MP4 videos can force hTML5 apps pass on malicious source code. An action as simple as file sharing is shocking.

The cross device scripting attack can propagate Malware using SMS text messaging. The cross device scripting attack can propagate the Malware mass texting message, even if mobile device carrying the mall where is of a different model.

Explorig the SaaS options

No business organisation will be ever immune to Cyber attacks but you can make it difficult for hackers to get your company’s sensitive data off the grid. And in of the chance they manage to get the hands on the data it would be nice to have the stolen data in a form that may be impossible to decode. Of course where are consumer grade options like Dropbox Microsoft onedrive and Google Drive.

However if data security is critical and Paramount for your business operations then you might want to search for a suitable cloud storage auto backup plans provided by where a reputed industry experts. Here are a few cloud storage options and backup providers who have enhanced encryption and security in providing data security for your business data.

Tresorit — This company so confident about the level of security they offer to the clients that they have a standing bounty of $50,000 challenge to successfully break into the system. With with their product the data they claim is encrypted even before it leaves a company’s computer and other authorised mobile devices. Files shared with other users are accomplished by encrypted links which can be an sent or revoked at any time, which is an effective way to come back breaches caused by erroring employees

Spideroak — Unlike the previous software spideroak is one of the top contenders with zero knowledge in the Cloud Service Arena. Zero knowledge protection means even the employees of the companies owned have any way of decrypting read data on their servers. It comes with an intuitive user interface and the centralised management tools and has a secure for collaboration as claimed by the company.

Mozy — This company claims to have mil-grade steel lining for its Cloud servers that backup and store data. It is a literary form, perhaps? Can I access remotely data from any part of the world with a simple Internet connection. Mozy offers option for the clients to backup the enter service and attach NAS very fast. There are numerous subscription options depending on your necessities. The web is a pretty precious place to be. And, the same can be said the for translating across in service of your chosen cloud vendor.

Does it is wise to always remain cautious about the privacy of your company data? Additional listen zero knowledge protection is going to play a big role in choosing a secure Cloud Service Provider. You should always told your company’s master password safe at all times. It is also very necessary that you keep the company is Master Data password safe. It is to be noted ICANN has trusted 7 different people in the world to to gaurd the master password for resetting the Internet. And, we hope that day never comes.




Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


SAPPOINT is an independent magazine on SAP