Denim Group has been acquired by Coalfire. Learn More>>

Search Software Quality: Data Security in a SaaS World


Search Software Quality published another of my answers to reader questions:

As a security administrator, I am concerned abou the security of my company’s data as it moves between two vendors’ SaaS applications. Am I wrong to think that there’s a weak link there? What steps can I take to test, monitor and strengthen security when data is en route?

You can see my full answer online where I talk about the importance of understanding how your data is going to be handled and negotiating appropriate legal controls before you start to load sensitive data into SaaS applications (sorry – registration required). For those looking for a quick preview, I talk about:

  • Understanding the SaaS provider’s data handling procedures as well as the procedures of any partners who will also have access to sensitive data
  • Shaping your use of the SaaS platform to turn off features that could result in data being communicated to additional parties
  • Maintaining the right to test the security of the SaaS applications on a periodic basis.

SaaS applications can provide great benefits, but you have to understand what data they are going to be allowed to manage and what assurances the provider can give that this will be done correctly. And the time to negotiate these points is before contracts are signed and the provider already has access to your data.

Contact us for help making sure the SaaS applications you rely on treat your data right.


dan _at_


About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

One Response to “Search Software Quality: Data Security in a SaaS World”

  1. Deloris

    Your style is so unique in comparison to other people I have read stuff from. Thank you for posting when you have the opportunity, Guess I’ll just book mark this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *