“Many SaaS providers do not offer multi-tenant data protection and choose to rely on data at rest encryption for all their customers’ data,” explained Ho. “They avoided this highly effective security control due to the large number of code changes required to encrypt each customer’s data separately and the complexity of managing each customer’s keys. Despite their names, AWS and other CSPs only provide key storage and leave the management and lifecycle of encryption keys to the application.”
Baffle actually offers a multi-tenant encryption solution for SaaS providers that manage customer data in databases, and now, S3, without any code changes to their applications, Ho added. The new offering, Baffle claims, will reduce the cost of implementing and managing multi-tenant security, reduce data security risks, and increase SaaS providers’ capabilities for customization and scalability.
Source link