SaaS (Software as a Service) technologies seem to represent today's solution for remaining secure on the Internet, as attackers attempt to exploit every flaw discovered in traditional downloadable software. In case you haven't heard about SaaS, it is "a software application delivery model where a software vendor develops a web-native software application and hosts and operates (either independently or through a third-party) the application for use by its customers over the Internet," as the Wikipedia description says. In other words, it allows software developers to create, host and manage technologies for their customers over the Internet.
SaaS has been regarded as a way to protect consumers' data and avoid exploits and other threats. However, these technologies have proved to be vulnerable as well: Salesforce.com has been the victim of a phishing attempt. More precisely, it was an employee who fell victim to the phishing scam; once he disclosed his password, the attackers could steal passwords and details of the company's customers.
Obviously, such a flaw could easily lead to new spam campaigns, web scams or hack attacks against the clients, because a potential attacker would have all the information he needed for such an attempt.
"The SaaS leasing model permits companies to avoid the expense and headache of installing complex software packages that typically require huge outlays of cash for hardware and software upgrades," explains William H. Venema, a member of the Business Law practice and administrative partner at the Dallas office of Epstein, Becker Green Wickliff & Hall, P.C.
"Theoretically, SaaS frees users from having to hook up another computer in a remote data center to yet another database to an additional application server to one more security server. The challenge with such an open system is that security can be easily compromised unless the proper protections are in place."