When buying a SaaS software having the requirement of BYOK to protect your data into the SaaS? How would you prefer to implement it?

ArchitectureStrategy

Pass the keys to be applied periodically to the SaaS provider 21%

Have a third party tool to manage an intermediate keys model 72%

Let SaaS applications call your Key Vault or HSM 4%

No need if SaaS provider use CSP key managed services (let hyperscaler do and manage keys)3%

68 PARTICIPANTS
725 viewscircle icon1 Comment
Sort by:
CISO2 years ago

You mitigate risk by having a third-party. If you get attacked, they are not. If they get attacked. You isolate them and create a new key.

Content you might like

Does your company have policies in place to protect access to cloud-based documents?

Yes, we have many27%

Yes, we have a few62%

We have some but don’t really enforce them8%

We don’t have policies in place to protect documents1%

View Results

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

What "tells" have you noticed for AI-generated text (i.e., typical words/phrases, or other patterns indicative of GenAI)?

Read More Comments

What is the most important factor to consider when developing a patching strategy?

Compliance requirements25%

Operational objectives65%

Ease of implementation8%

Cost

View Results

What is the right platform/cloud services with of the shelf tools can be used to create enterprise GenAI SaaS in organization with multiple companies and subsidiaries?
In the target SaaS model, multiple APIs should be available to consume external LLM services, front end, prompt library that can be used by the end user, predefined data sources, Guardials and security controls.

Read More Comments