SAAS Software As A Service.

InsurancePreviewImagine having your competitive data on the same computer as ten competitors. That’s exactly what happens with Software As A Service (think Salesforce.com). Many companies have their prospect lists, clients and sales data on the same computer. Yet these companies sleep like a baby at night … how?

This SaaS application I wrote for an insurance client. They wanted it for their 25 telemarketers and five insurance agents. But they also wanted to sell it to other agents. That meant that the prospect lists, clients and even telemarketing scripts stay confidential. But how?

Because a SaaS application will be used by multiple users, it is critical to keep data separated, encrypted and only available to the right users. To keep data separate, I wrote server side code that knows where the data is, but does not transmit this to the web browser. Basically, when a user logs in, my server code gets the right data, and that is presented to the session of the logged in user. And the data for each company is either in a different folder on the same server, or on a totally separate server.

SAASCodeThe server code uses an un-coded root location. And from their, it parses the remainder of the location. This thwarts hackers.

Next, each company gets it’s own database file. And that file is encrypted. So getting the file is useless. Yet the decryption code is based off the user ID/Password pair. So the right person gets access.

Unlike Apache, MySQL, PHP solutions, compiled server side applications are hardened. They are protected against MySQL injection attacks, PHP attacks by viewing the code, and common web server exploits.

This insurance application allows multiple competitors to co-exits – sharing the same application, but none of the data, data locations or decryption keys.

For a Video pre-view goto http://youtu.be/T3bWZC56v7Q

Thanks Eric

adminbolt

About the Author

adminbolt