SECURING SAAS VENDORS’ DATA
Software as a Service (SaaS) vendors have become well-established brands in the market. These are familiar names such as Salesforce.com, LinkedIn, Docusign as well as verticals such as AthenaHealth.com, Zenefits, and WellsFargo.com.
SaaS vendors allow users to access their services and data through a typical web browser such as Internet Explorer, Chrome and Firefox. The browser is redirected into a safe and secure connection called HTTPS. Although the connection is secure, many SaaS vendors have no security in their data center or limited security with a single encryption key. Intruders (hackers) have many ways to attack the now vulnerable SaaS vendor site.
Extenua has developed a software technology for the SaaS industry that will defeat potential hackers and even protect against disgruntled employees stealing information from the inside. Extenua provides unprecedented security utilizing its patent pending SAFE AI for web server client software.
- A SaaS vendor with thousands of paying customers simply runs Extenua SAFE AI for web server as a client on the SaaS front end servers as an Independent Software Vendor (ISV) with no change in the operation of the SaaS vendor programming or user interface.
- Extenua provides the SaaS vendor’s infrastructure a very robust encryption schema with data obfuscation that is significantly hardened compared to the typical AES 256 encryption available by competitors. They, therefore, don’t need to write and deploy an entire application, but can focus on their industry-specific code.
Extenua now has an economic advantage in working with SaaS vendors in that the SaaS vendor already has thousands of happy and paying customers. SAFE AI is simply running on the SaaS vendor’s portal while the SaaS vendor continues with operations as usual using its marketing and sales force to increase subscribers.
Centrally hosted Software as a Service is enjoying rapid growth although security of data continues to be the number one concern amongst potential customers. Standards for Cloud SaaS vendors remain relatively archaic. The risk to SaaS vendors and their customers are increasing as we see both an increase in cyber-attacks and more sophisticated attacks.
Extenua can help you protect your data assets from both internal and external breaches with the implementation of our SAFE AI for SaaS web server product. To keep pace with the escalating risk, Extenua developed SAFE AI for SaaS as a new model of information security that is purpose built to protect SaaS vendor’s data from both insiders and outside cyber-attacks.
The risks are too great to ignore. Regulatory compliance mandates various levels of security and an assumption of privacy. Corporate Governance has become ever complex depending on the industry or even the type of business transactions. The federal Gramm-Leach-Bliley Act (GLB) requires states to issue privacy rules in accordance with or more stringent than GLB. Laws and court decisions, at both the federal and state levels, play and increasingly important role in insurance privacy. New regulations, costly litigation, consumer expectations coupled with the daily barrage of cyber-attacks making data security too risky to ignore. According to the Office of Civil Rights (OCR) data breaches in the healthcare industry exceeded 112 million records in the United States! The cost of non-compliance can be extraordinary. HIPAA violations can vary between $50,000 and $1.5 million per violation. One of the largest Health and Human Services HIPAA settlements cost the company $4.8 million.
Extenua’s SAFE AI provides “safe harbor” when implemented with on-premise storage, cloud storage and hybrid environments.