Security Guidance v4.0 > p.125 > SaaS Encryption
SaaS providers may use any of the options previously discussed. It is recommended to use per-customer keys when possible, in order to better enforce multitenancy isolation. The following options are for SaaS consumers:
• Provider-managed encryption: Data is encrypted in the SaaS application and generally managed by the provider.
• Proxy encryption: Data passes through an encryption proxy before being sent to the SaaS
application.
A. Provider-managed and (sometimes) proxy encryption
The encryption options available for Software-as-a-Service (SaaS) consumers typically include provider-managed encryption, where the SaaS provider handles encryption and decryption of data, and sometimes proxy encryption, where the consumer encrypts data before sending it to the SaaS application through a proxy. These options help enhance the security of data within the SaaS environment.
Option B is not accurate because SaaS encryption options might differ from those available for volume storage, object storage, or Platform-as-a-Service (PaaS).
Options C, D, and E are not specifically representative of encryption options available for SaaS consumers.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SHERLOCKAWS
5 months, 3 weeks agobyfener
10 months, 2 weeks ago