.

SECURING SENSITIVE SAAS USING CLOUD ACCESS SECURITY BROKERS

What security can be added when you don't control the application.Benefits and drawbacks of the security broker pattern.How security and application functionality are balanced when encryption is used.The fact that software as a service (SaaS) is managed by a cloud provider makes it attractive to many organizations, but this also means they are at the mercy of the provider for security features. Even worse, the provider generally has access to the data in the application. A solution may be found by introducing cloud access security brokers - gateways that can enforce access control, auditing and monitoring, and even encryption of data before it goes to the provider. Although promising as a design pattern, organizations must account for the impact and limitations of such solutions.