Security Verified Certificate
Information security Certificate for SaaS/ASP-services
Many organisations offer their products as SaaS or ASP services. There are many aspects that speak for SaaS and ASP model in software deployment. However the end customer has to trust the software vendor on providing a secure and reliable software.
In software deployment models based on web applications - for example SaaS or ASP - the web application is a gatekeeper to several business assets: The confidentiality, integrity and availability of the data in the application and its back office systems. Compromised security through out the service technical implementation puts all of these at risk.
Security Verified –Certification provides a comprehensive modular approach to SaaS/ASP security assessment.
Verification of technical information security includes following phases:
-
Application Audit
-
Platform/Server Audit (2 pieces)
-
Administration practice –workshop
-
Possible re-audit on critical vulnerabilities
-
Certification for a year