Sorry for the big title... But I wanted to talk about compliance and security in the cloud, drawing particular attention to the differences between large multi-instance SaaS clouds such as Sales Force and smaller single instance offerings. Confused a bit?... Let me explain. There are several different models of SaaS (Software as a Service).
On one side of the spectrum, we have very large multi-tenant offerings like Sales Force where all tenants and all processing is done within one procedural domain and backed by one large ubiquitous database. Data for multiple tenants gets treated side-by-side within the same executable and all tenant data is stored within the same database. In an of itself, this model becomes very efficient from a provisioning stand point when large numbers of tenants are involved, but from a compliance and security stand point, it's a bit of a nightmare. Usually, after a certain threshold is achieved, large SaaS providers will usually deploy their own data centers since it's cheaper to do so than to depend on a third party for processing capabilities. Attacks such as SQL injection or a DoS attack could allow one tenant to gain access to another tenants data or deny timely access to other tenants. Then there is issues such as data remenance (i.e. what happens to the tenants data when the vacate?), data backups, Patriot act data confiscation, etc... In a setting where data for multiple tenants reside side by side, compliance management and risk analysis becomes increasingly complex. The threat exposure is also much greater in such an environment.
On the other side of the spectrum we have what I term 'Single Instance SaaS', where a SaaS provider will stand up a single instance of their offering on a per-tenant basis. Each tenant gets their own separate processing domain and their data gets stored within their own separate database. For early to market offerings, this model is very cost effective and offers a lot of benefits, from a compliance, security and management stand point. This model is very popular with small or medium sized providers who rely on public clouds as the foundation for their provisioning (since it's absolutely too damn expensive to host your own data centers). They only need to provision tenant resources during the on-boarding process and are able to decommission those resources when a tenant vacates. At first, this model is very cost effective (since the provider only provisions resources during tenant onboarding), but once a certain tenant population is reached, the model becomes less cost effective. Issues such as data rememance and data backups are more easily managed and secured under that model. Other issues such as those revolving around the Patriot act are also greatly mitigated since there is much less risk that one tenants data will be confiscated should the DOH or FBI server a warrant on another tenants data. This model also offers both providers and tenants with compliance and security options that would not otherwise be possible in a Sales Force model. This is a model that is very popular with legacy software vendors who are able to 'saassify' their legacy applications (there are even companies such as Parallel who specialize in 'saassifying' legacy applications) and offer them through service portals such as Savvis. I personally see a lot of growth in that model since the majority of software vendors will probably end up hosting their offering in providers such as Savvis.
No comments:
Post a Comment