Is SaaS the Efficient Hackers Dream Come True?

Originally posted on September 19, 2006

NetworkStreaming’s Remote Desktop Support By-Passes the Security Concerns of SaaS

In a recent article in Network World, Herbert Thompson explains how the software as a service (SaaS) delivery model brings with it inherent security concerns. Among the most compelling example is Thompson’s point that SaaS providers present a tantalizing target for hackers. The reason is the same reason that Microsoft is a much more appealing target than Mac. If you’re going to go to the trouble of hacking someone, you might as well get the most bang for your buck. In Microsoft’s case, you get to infect 95% of the computer market instead of 3%. In the case of SaaS, you get access to the data from a thousand companies instead of just one. When you think about it, a SaaS provider is sort of like a storehouse for their customer’s data. Hundreds or thousands of customers use the same SaaS company and enter reams and reams data about all sorts of things, from the shipping address of their cola vendor to the social security numbers of all their employees. The companies using a SaaS provider don’t have to be that big for the amalgamated storehouse of data at the SaaS datacenters to be enormous. For this reason, it is a pretty obvious target for a would-be hacker.

Don’t try to hack all thousand companies individually, just hack their SaaS provider. You can save a lot of time.