7 security issues that must be considered for electronic lab notebook selection

In the SaaS deployment model, the SaaS software provider deploys the software uniformly on the cloud service provider's servers, and users purchase the appropriate software license from the SaaS software provider to use the software and obtain the corresponding services. Users do not need to install and deploy the software before using it, nor do they need to carry out regular software upgrades and routine maintenance; they only need to log in to the system to use its functions.

As the services and data are deployed in the cloud instead of the local server room in the SaaS model, users may have some concerns – can their data be effectively protected? In this paper, we start from the SaaS security issues that users are most concerned about, and explain in detail how to examine the security assurance capabilities of SaaS providers when selecting SaaS ELNs from the aspects of basic security, environmental security, application security, data security, compliance, and the division of security responsibilities.

1. SaaS platform deployment in the private cloud or public cloud

Public cloud platforms have higher availability, security and elasticity than private cloud platforms. When choosing a public cloud platform, it is recommended to prefer mainstream cloud platforms such as Microsoft Azure, AWS, Aliyun, Tencent Cloud and Huawei Cloud.

2. Security management qualifications of third-party providers

When choosing a SaaS platform, it is necessary to examine the basic security capabilities, security protection capabilities and security qualifications of the third-party SaaS provider.

Take Microsoft Azure as an example: Microsoft Azure Cloud is a cloud platform jointly operated by Microsoft in mainland China and CenturyLink. Microsoft Azure Cloud has completed top global security certifications such as ISO27001, and the platform has also been certified under the Ministry of Public Security's DJCP (Information System Security Level Protection Classification) and the national standard GB18030. The Microsoft Azure cloud security system mainly includes physical and environmental security, basic security, disaster recovery and business continuity, etc. The security of the platform has been widely recognized by professional organizations, and it is one of the most trustworthy cloud platforms in the market today.

All business platforms of Innovation Cloud Community are deployed on the Microsoft Azure Cloud IaaS platform, using Microsoft Azure Cloud to provide services such as computing, networking and storage. Innovation Cloud Community chooses the Microsoft Azure cloud firewall system to provide peripheral network security, and enjoys the same security level as Microsoft China Office365 and other platforms.

3. What are the security protection measures for SaaS applications?

The security capability of the SaaS platform is not equivalent to the security capability of the SaaS application; the SaaS product/service itself needs to have sufficient security capabilities. Taking iLabPower Innovation Cloud Community as an example, a SaaS product must have comprehensive security assurance for its network environment at the network level, database system level, environment level, staff level, operating system level and others. The specific measures are as follows:

(1) User Access

   – Access interface security

      ① Adopt the more secure HTTPS protocol (based on the SSL transmission encryption protocol)

      ② URL encrypted by algorithm

   – Privilege security

      ① The login password is encrypted, and each account is bound to the terminal.

      ② UC product authorization restrictions

      ③ Authorization and access based on employee business system roles.

   – Access Control

      ① Each employee has a unique account; account login by departed employees is prohibited.

      ② Account login password error protection mechanism

      ③ Audit: Information system logs and authority audit records are saved by backup for auditing when needed.

   – Data Security

      ① Read-write separation to ensure data integrity and normal operation and reduce downtime.

      ② Hot standby for two servers in the high availability system

      ③ Make the database into a distributed database, sharing the bottleneck of each server's resource tolerance

      ④ Lightweight distributed file system to solve the problem of mass storage and load balancing.

      ⑤ Adopt IIS10, system upgrade will not affect customer access to the system.

      ⑥ Arrange regular system and database inspection, data backup and anti-path tampering.

      ⑦ Effective methods provided by the existing network structure to expand server bandwidth, throughput, processing capacity, and improve flexibility and availability.

(2) System Security

   – Organizational Security

      The Innovation Cloud community team consists of a design security team, an R&D security team, and a maintenance security team.

   – Personnel Security

      Employee behavior meets the requirements of all laws, policies, procedures, and the Innovation Cloud Community Code of Business Conduct; employees have the knowledge, skills, and experience necessary to perform their duties.

   – Delivery Security

      Security throughout the product lifecycle from design, technical deployment, support, and maintenance; service delivery is closely linked to the company’s core processes.

   – System Development and Maintenance

      The R&D and maintenance teams are jointly responsible for the underlying architecture, business logic implementation, and on-line maintenance of the Innovation Cloud Community; collaborating to build a secure cloud service environment for Innovation Cloud Community customers.

   – R&D Process and Standard Security

      A robust R&D process is important for producing high-quality and secure products. The Innovation Cloud Community team incorporates product security baselines into the requirements list and conducts threat analysis of customer usage scenarios to achieve secure product design and development.

   – Disaster Recovery/Business Continuity

      In order to minimize service interruptions caused by hardware failures, natural disasters, or other catastrophes, Innovation Cloud Community provides a disaster recovery plan for all data, including multiple components to reduce the risk of failure of any individual node: high availability, data protection, and disaster recovery.

4. SaaS platform will conduct regular penetration testing

SaaS platforms are required to conduct regular penetration tests and to provide security test reports issued by relevant security vendors/service providers.

5. Regulatory compliance and related privacy policies

All data in the SaaS platform including access with administrative privileges shall be logged and audited on a regular basis. An assessment of compliance with regulatory standards can help determine compliance and ensure that the right business processes are in place.

The ownership of SaaS platform user data belongs to the user. SaaS service providers are not allowed to use the data without the user's consent, let alone sell it, and should use lawful means to destroy, in a timely manner, historical data that is unnecessary to keep. SaaS service providers have the responsibility to ensure that the user's data is secure, and to make financial compensation for the user's losses caused by data leakage and data loss.

The iLabPower Innovation Cloud Community’s Privacy Policy specifies in detail how user information is collected, used, stored, and shared, and the manner in which users are provided with access, updates, control, and protection of such information.

6. How SaaS multi-tenant data is segregated

SaaS is based on a multi-tenant architecture, so a SaaS service will have more than one user's data saved in the same data storage location. SaaS providers should ensure that no user, when accessing data, can access another user's data, so the provider needs to ensure data isolation in the design of the SaaS application system and data model.
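The isolation requirement above, sketched as an added example (not code from iLabPower or Azure): the tenant filter lives in the data-access layer and the tenant key is part of the data model's foreign key. The table names, `TenantStore` and the SQLite backend are assumptions chosen so the example runs offline.

```python
import sqlite3

SCHEMA = """
CREATE TABLE entries (
    id        INTEGER PRIMARY KEY,
    tenant_id TEXT NOT NULL,
    body      TEXT NOT NULL,
    UNIQUE (tenant_id, id)
);
CREATE TABLE attachments (
    tenant_id TEXT NOT NULL,
    entry_id  INTEGER NOT NULL,
    name      TEXT NOT NULL,
    -- composite key: an attachment can only point at an entry of its own tenant
    FOREIGN KEY (tenant_id, entry_id) REFERENCES entries (tenant_id, id)
);
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite leaves FK checks off by default
    conn.executescript(SCHEMA)
    return conn

class TenantStore:
    """Data access bound to one tenant; callers never pass tenant_id per query."""
    def __init__(self, conn, tenant_id):
        self.conn, self.tenant_id = conn, tenant_id

    def add_entry(self, body):
        cur = self.conn.execute(
            "INSERT INTO entries (tenant_id, body) VALUES (?, ?)", (self.tenant_id, body))
        return cur.lastrowid

    def get_entry(self, entry_id):
        # Tenant filter on every lookup: another tenant's id looks like a missing row.
        row = self.conn.execute(
            "SELECT body FROM entries WHERE id = ? AND tenant_id = ?",
            (entry_id, self.tenant_id)).fetchone()
        return row[0] if row else None

    def attach(self, entry_id, name):
        try:
            self.conn.execute(
                "INSERT INTO attachments (tenant_id, entry_id, name) VALUES (?, ?, ?)",
                (self.tenant_id, entry_id, name))
            return True
        except sqlite3.IntegrityError:
            return False  # entry belongs to another tenant or does not exist
```

The foreign key is the backstop: even if a query in the application forgets the tenant filter, the database refuses to link rows across tenants.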

Microsoft Azure provides network isolation for each deployment, and by using input endpoints, it is possible to control which ports can be accessed from the Internet.

(1) Communication between VMs is always routed through trusted packet filters.

  1. Protocols such as Address Resolution Protocol (ARP) and Dynamic Host Configuration Protocol (DHCP), as well as other OSI Layer 2 communications from the VMs, can be controlled using rate limiting and anti-spoofing protection.
  2. The virtual machine is unable to capture any network communication with a destination address other than its own.

(2) The guest’s virtual machine cannot send communications to Azure’s private interfaces or to other guest’s virtual machines, or to Azure Infrastructure Services. A guest’s virtual machine can only communicate with virtual machines owned or controlled by the same guest, and Azure Infrastructure Services endpoints used for public communication.

(3) When a customer places VMs into a virtual private network, those VMs are given their own, completely invisible address space, which is then inaccessible from VMs outside of the deployment or virtual network (unless configured to be visible via a public IP address).

 

7. How to divide responsibility for security compliance

There is a consensus in the industry that in the SaaS model, security compliance responsibilities are shared between the SaaS provider and the customer. For example, if a security incident is caused by a vulnerability in the application system (application security), the responsible party is the cloud platform party; if a security incident is caused by a user using a weak password and identity theft (data security), the responsible party is the tenant party.
