Software-as-a-Service (SaaS) is, for better or worse, the model of modern software distribution and use. There are many benefits to this arrangement, but there are also significant security issues. Unfortunately, these security issues are ever-evolving and target almost every managed service provider on the market. 

This article touches on some foundational realities, challenges, and considerations for SaaS security. This includes questions of data management, app and vendor integration, and maintaining system integrity while handling a variety of users.

Read More

So, after a long journey, we’ve arrived at the twelfth and final requirement for PCI DSS 4.0. Last but certainly not least, this requirement emphasizes the need for creating, documenting, and implementing organization-wide security and compliance policies. 

Read More

The recent uncovering of the Log4Shell bug, tied to the ubiquitous log4j module, has swept through private and public organizations reliant on IT logging technology. A relatively simple bug, the implications of its widespread use means that remediation will be a long, complex endeavor. While the potential millions of implementations wait for updates, however, the complex infrastructure of national IT is vulnerable to attack. 

Read more about this bug and its potential threat to organizations across the world. 

Read More