SlideShare a Scribd company logo

Building Saas for the Enterprise

Download as PPTX, PDF
Beau Christensen, profile picture
Beau Christensen

The document discusses various tips and strategies for building software-as-a-service (SaaS) applications for enterprise customers. Some of the key points covered include the importance of security scans, secure development processes and third-party audits; using active-active failover and public clouds for availability and disaster recovery; storing configuration data globally but user data regionally; and developing automated processes for completing lengthy security questionnaires.

Technology
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
BUILDING SAAS FOR THE ENTERPRISE Beau Christensen Copyright © 2014 Ping Identity Corp. All rights reserved. 1
DEVOPS @PING Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 2
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 3 Security
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 4 Identity on the Perimeter Embedding Identity into the internet.
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 5 http://www.deviantart.com/art/JJ-Enterprise-Cutaway- 511151062
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 6 & Things will get easier.
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 7 Build a Change Process
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 8 Diversify your locations. Use the private cloud and public. Don’t put all your eggs in one basket.
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 9 Store Configuration Data Globally. Store User Data Regionally. Do not shard the application!
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 10 You will need to support old, shitty operating systems.
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 11 You NEED automated Security Scans, Secure Software Development Process, and yearly 3rd party audits of your software and infrastructure security. DDoS WAF -> Firewall -> Identity -> Firewall -> WAF -> OS -> Analytics
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 12 Use active/active failover and the power of the public cloud to avoid a massive BCP or DR plan. It’s far more efficient & you don’t have to maintain moar documents!
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 13 Public Uptime & Status + (local!)
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 14 Gigantic, 172 page security questionnaires are a favorite. Maintain a database of them, and make it a repeatable process that even a sales guy could do. WTF
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 15 They want access to you. (just be confident)
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 16 “The Big Game”
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 17 Don’t scale until you have to!
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 18 Befriend your legal people.
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 19
Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 20 Worth it.

More Related Content

PDF
David Suzuki Foundation The Road to TelePresence
Cisco Canada
 
PPTX
[US & Canda Webinar] The Top 3 Data Sanitization Challenges – And How to Over...
Blancco
 
PDF
Data Erasure Management: How to Protect Data Throughout Its Lifecycle - Blanc...
Blancco
 
PDF
SkySync
6PM Solutions
 
PDF
Top 5 Data Security Strategies in QA
QASource
 
PDF
Go Mobile with Cisco Webex
Cisco Webex
 
PPTX
Embracing the Open Source Model
Cisco DevNet
 
PPTX
2B Kjesbu Cold Technology Warm Hands EHiN 2014
IKT-Norge
 
David Suzuki Foundation The Road to TelePresence
Cisco Canada
 
[US & Canda Webinar] The Top 3 Data Sanitization Challenges – And How to Over...
Blancco
 
Data Erasure Management: How to Protect Data Throughout Its Lifecycle - Blanc...
Blancco
 
SkySync
6PM Solutions
 
Top 5 Data Security Strategies in QA
QASource
 
Go Mobile with Cisco Webex
Cisco Webex
 
Embracing the Open Source Model
Cisco DevNet
 
2B Kjesbu Cold Technology Warm Hands EHiN 2014
IKT-Norge
 

What's hot (6)

PPTX
D3TLV17- You have Incapsula...now what?
Imperva Incapsula
 
PDF
Introduction to Personal Privacy and Security
Robert Hurlbut
 
PDF
Top 5 Cisco Webex Integrations for Your Every Day Tools and Applications
Cisco Webex
 
PDF
Network Visibility For Openstack Operations
Debojyoti Dutta
 
PDF
Cyber Security Dr Sally Ernst
Cissy Ma FCPA GAICD
 
PDF
Cognitive collaboration: How AI and Machine Learning are Transforming the Wa...
Cisco Webex
 
D3TLV17- You have Incapsula...now what?
Imperva Incapsula
 
Introduction to Personal Privacy and Security
Robert Hurlbut
 
Top 5 Cisco Webex Integrations for Your Every Day Tools and Applications
Cisco Webex
 
Network Visibility For Openstack Operations
Debojyoti Dutta
 
Cyber Security Dr Sally Ernst
Cissy Ma FCPA GAICD
 
Cognitive collaboration: How AI and Machine Learning are Transforming the Wa...
Cisco Webex
 
Ad

Similar to Building Saas for the Enterprise (20)

PDF
Android P Security Updates: What You Need to Know
NowSecure
 
PDF
CIS14: Network-Aware IAM
CloudIDSummit
 
PDF
CIS14: PingID
CloudIDSummit
 
PPTX
Security intelligence using big data presentation (engineering seminar)
Marco Casassa Mont
 
PDF
2. Enterprise and Business Architecture Cloud Video Data
MrsAlways RigHt
 
PDF
CIS14: Are the Enterprises Ready for Identity of Everything?
CloudIDSummit
 
PPTX
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP-conference 2014
gopinathkn
 
PPTX
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
AirTight Networks
 
PDF
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
CloudIDSummit
 
PDF
DIRECTORY CIS 2015 - Eric Fazendin
CloudIDSummit
 
PPTX
Beyond a Big Data Pilot: Building a Production Data Infrastructure - Stampede...
StampedeCon
 
PDF
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
NowSecure
 
PPT
BethClip Investors Pitch Deck (widescreen)
Rashid Aliyev
 
PPTX
Managing Identity without Boundaries
Ping Identity
 
PPTX
SplunkLive! Zurich 2017 - Data Obfuscation in Splunk Enterprise
Splunk
 
PPTX
TFI2014 Session II - Requirements for SDN - Jeff Doyle
Colorado Internet Society (CO ISOC)
 
PDF
Sqrrl February Webinar: Breaking Down Data Silos
Sqrrl
 
PDF
Monetization Strategies For The Internet Of Things
eCornell
 
PDF
Accelerating breakthrough business technologies in atlanta, tag featured spea...
Melanie Brandt
 
PPTX
Operationalizing Security Intelligence [ InfoSec World 2014 ]
Rafal Los
 
Android P Security Updates: What You Need to Know
NowSecure
 
CIS14: Network-Aware IAM
CloudIDSummit
 
CIS14: PingID
CloudIDSummit
 
Security intelligence using big data presentation (engineering seminar)
Marco Casassa Mont
 
2. Enterprise and Business Architecture Cloud Video Data
MrsAlways RigHt
 
CIS14: Are the Enterprises Ready for Identity of Everything?
CloudIDSummit
 
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP-conference 2014
gopinathkn
 
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
AirTight Networks
 
CIS 2015 Multi-factor for All, the Easy Way - Ran Ne'man
CloudIDSummit
 
DIRECTORY CIS 2015 - Eric Fazendin
CloudIDSummit
 
Beyond a Big Data Pilot: Building a Production Data Infrastructure - Stampede...
StampedeCon
 
CASE STUDY - Ironclad Messaging & Secure App Dev for Regulated Industries
NowSecure
 
BethClip Investors Pitch Deck (widescreen)
Rashid Aliyev
 
Managing Identity without Boundaries
Ping Identity
 
SplunkLive! Zurich 2017 - Data Obfuscation in Splunk Enterprise
Splunk
 
TFI2014 Session II - Requirements for SDN - Jeff Doyle
Colorado Internet Society (CO ISOC)
 
Sqrrl February Webinar: Breaking Down Data Silos
Sqrrl
 
Monetization Strategies For The Internet Of Things
eCornell
 
Accelerating breakthrough business technologies in atlanta, tag featured spea...
Melanie Brandt
 
Operationalizing Security Intelligence [ InfoSec World 2014 ]
Rafal Los
 
Ad

Recently uploaded (20)

PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Encapsulation theory and applications.pdf
gurumoop
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
A Presentation on Artificial Intelligence
memembruh336
 
KodekX | Application Modernization Development
KodekX
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 

Building Saas for the Enterprise

  • 1. BUILDING SAAS FOR THE ENTERPRISE Beau Christensen Copyright © 2014 Ping Identity Corp. All rights reserved. 1
  • 2. DEVOPS @PING Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 2
  • 3. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 3 Security
  • 4. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 4 Identity on the Perimeter Embedding Identity into the internet.
  • 5. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 5 http://www.deviantart.com/art/JJ-Enterprise-Cutaway- 511151062
  • 6. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 6 & Things will get easier.
  • 7. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 7 Build a Change Process
  • 8. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 8 Diversify your locations. Use the private cloud and public. Don’t put all your eggs in one basket.
  • 9. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 9 Store Configuration Data Globally. Store User Data Regionally. Do not shard the application!
  • 10. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 10 You will need to support old, shitty operating systems.
  • 11. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 11 You NEED automated Security Scans, Secure Software Development Process, and yearly 3rd party audits of your software and infrastructure security. DDoS WAF -> Firewall -> Identity -> Firewall -> WAF -> OS -> Analytics
  • 12. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 12 Use active/active failover and the power of the public cloud to avoid a massive BCP or DR plan. It’s far more efficient & you don’t have to maintain moar documents!
  • 13. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 13 Public Uptime & Status + (local!)
  • 14. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 14 Gigantic, 172 page security questionnaires are a favorite. Maintain a database of them, and make it a repeatable process that even a sales guy could do. WTF
  • 15. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 15 They want access to you. (just be confident)
  • 16. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 16 “The Big Game”
  • 17. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 17 Don’t scale until you have to!
  • 18. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 18 Befriend your legal people.
  • 19. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 19
  • 20. Confidential — do not distribute Copyright © 2014 Ping Identity Corp. All rights reserved. 20 Worth it.