Setting Expectations in SaaS: New SLA resource available for SIIA members!

Download: Setting Expectations in SaaS
(Available to SIIA Members only. If you are having trouble logging in, please let me know)

The sample SLA has been one of the Software Division’s most requested resources since 2007, so we’re thrilled to announce the 2010 update!

For more information on Service Level Agreements and to engage directly with the authors, check out our follow-up webinars!

June 3, 2010 | Service Level Agreements in SaaS: Handling Issues As They Arise
June 24, 2010 | Software Customization Projects: Your Contract May Not Be As Good As You Think

About the Authors

Daniel E. Rhynhart provides legal counsel to clients on a wide range of business issues. He specializes in resolving disputes arising from software development, design, implementation, integration, maintenance, support, disaster recovery, and other intellectual property issues.

Lisa Casey Spaniel concentrates her practice in intellectual property matters, software and technology licensing, technology and business agreements and transactions, electronic commerce and privacy issues, and promotions law. She specializes in software and web site development, design, implementation, integration, maintenance and support, disaster recovery and source code escrow agreements and related outsourcing, hosting, application service provider, OEM, resale and other sourcing and distribution agreements and models.

About Blank Rome LLP

Blank Rome LLP is one of America’s largest law firms. With more than 500 attorneys serving clients across the globe, Blank Rome is an international law firm representing businesses and organizations ranging from Fortune 500 companies to start-up entities. Blank Rome helps its clients in all aspects of their businesses. The Firm’s practices cover areas including business tax; commercial and corporate litigation; employment benefits and labor; financial services; bankruptcy and financial restructuring; government relations; health law; intellectual property; maritime, international trade and procurement; matrimonial; mergers & acquisitions and private equity; product liability; public companies and capital formation; public finance; real estate; trusts and estates; and white collar, internal and government investigations. Blank Rome also represents pro bono clients in a wide variety of cases and matters. More information about the firm is available at www.blankrome.com.

Social Networking surge highlights need for diligence around the basics of online security

Recent headlines involving RockYou.com’s lack of simple password requirements and Twitter’s password phishing scams help remind us that no matter how advanced technology gets, we can never forget the basic fundamentals of security.

The RockYou.com issues brought to light two big things. First, the lack of security controls in place within RockYou.com’s own systems, starting with passwords being stored in clear text. Second, the lack of requiring people to choose somewhat difficult passwords allowed people to put in extremely simple passwords like “12345”. Of course, storing the passwords in clear text trumps the use of simple passwords, since anyone within RockYou.com, or in this case, someone able to break into the systems, now has all of the passwords regardless of how simple or complex they are. What I pull out of this, besides the complete disregard for security controls at all, is that if you allow people to make poor judgment decisions, they will.

Twitter recently sent an email to several users of the system telling them that Twitter had reset their password because of concern that it had been compromised due to a phishing scam. That was very nice of Twitter to take the proactive approach of contacting its users and letting them know, but their email looked like a phishing attack itself. The email was nice enough to even contain links sending people to a password reset page. Again, allow people to make poor judgment decisions and they will. In this case it’s all legitimate, but next time it’s going to be an email sent from someone other than Twitter, and include links that look like helpful Twitter links, but will in fact be another phishing attack. Twitter is helping perpetuate its own issue… and people will click on the links.

So that brings me back to never forgetting the basic fundamentals of security. Everyone has to protect themselves. We are all very comfortable using computers and surfing the web, and with that comfort comes complacency. We all need to take the time to think about what it is we’re putting on the web, and take the extra steps to make sure we protect ourselves by using complex passwords, different passwords on different web sites, and changing our passwords frequently. No matter how advanced technology becomes, no matter how safe a site looks, or how comfortable we are with sites we go to, the only thing protecting everything we put on the web is still a simple password.

David Lingenfelter is the Information Security Officer at Fiberlink. He is also a contributor to the MeVolution Blog. David can be reached at dlingenfelter@fiberlink.com.
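
The two failures the post above attributes to RockYou.com (clear-text storage and no password requirements) map to two server-side controls. The sketch below is an added example, not part of the original post or any site's code: it rejects trivially weak passwords at registration and stores only a per-user salt and a slow hash. The deny-list, minimum length and iteration count are assumed values.

```python
import hashlib
import hmac
import os

# Constructed deny-list; a real deployment would load a large breached-password list.
COMMON_PASSWORDS = {"12345", "123456", "password", "qwerty", "rockyou"}
MIN_LENGTH = 12        # assumed policy value, not taken from the post
ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor


def check_policy(password: str) -> list[str]:
    """Return the reasons a password is rejected (empty list means accepted)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("commonly used")
    if len(set(password)) < 5:
        problems.append("too few distinct characters")
    return problems


def _derive(password: str, salt: bytes) -> bytes:
    """Slow, salted hash so a stolen table cannot be read or cheaply brute-forced."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_record(password: str) -> dict:
    """Build the row that gets stored: salt and hash only, never the password."""
    problems = check_policy(password)
    if problems:
        raise ValueError("password rejected: " + ", ".join(problems))
    salt = os.urandom(16)  # unique per user, so equal passwords give different hashes
    return {"salt": salt.hex(), "hash": _derive(password, salt).hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    candidate = _derive(password, bytes.fromhex(record["salt"]))
    return hmac.compare_digest(candidate, bytes.fromhex(record["hash"]))
```

Hashing limits what a database dump reveals, but it does not rescue a password like “12345”, which is why the policy check runs before anything is stored.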

Cloud Security Webinar

Security and Cloud Computing have come a long way in just a few years. Understanding these issues becomes vital as Cloud Computing expands into government and the large enterprise. New trends — like the emergence of private clouds — are changing the way companies think about their security strategy. In this webinar, you’ll hear perspectives from service providers, platforms, pure-play firms, and other players in the Cloud Security space.

Moderator:
Lars Ewe, Chief Technology Officer, Cenzic
Panelists:
Deb Banerjee, Director of Engineering, Symantec
Jim Cavalieri, Chief Security Officer, Salesforce
Steve Riley, Sr. Technical Program Manager, Amazon Web Services