SaaS security collection

Software as a Service (SaaS) applications are increasingly popular. Many of us use them on a daily basis, so it’s important we know how to check if they are suitably secure.

To do this, the NCSC have developed a set of SaaS security principles, derived from a slimmed down subset of the NCSC’s cloud security principles. These SaaS security principles represent our judgement as to the minimum set of security attributes you should seek to understand before using a SaaS offering.

We have used the SaaS security principles to assess the security properties of a range of popular SaaS offerings. You can find these in the security reviews section below. You should read these as worked examples, demonstrating how the principles can be used to evaluate the suitability of any service you are interested in. Given that these services evolve over time, we recommend that you re-test your choice of service periodically.

As our approach provides a minimum level of confidence, your risk management processes might determine that your requirements are more exacting. This will be particularly true for workloads which you deem sensitive, or are covered by other regulations (such as PCI, DSS or GDPR).

Source: NCSC

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!

You might also like