Should SaaS Companies Publish Customers Lists?

22 May 2017

A few weeks back, HR and financial management firm Workday.com sent a security advisory to customers warning that crooks were sending targeted malware phishing attacks at customers. At the same time, Workday is publishing on its site a list of more than 800 companies that use its services, making it relatively simple for attackers to chose their targets. This post examines whether it makes sense for software-as-a-service (SaaS) companies to publish lists of their customers when those customers are actively under siege from phishers impersonating the SaaS provider. At its most basic, security always consists of trade-offs.

Read full news article on Krebs on Security

Date:

22 May 2017

Categorie(s):

NEWS

Tag(s):

Companies, Customers, OAuth

Akira Ransomware Attacks Over 250 Organizations and Collects $42 Million19 April 2024
Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted19 April 2024
Germany cuffs alleged Russian spies over plot to bomb industrial and military targets19 April 2024
Sorenson Capital leads $7.95M seed investment in cyberthreat intelligence provider VulnCheck19 April 2024
How AI Enhances Cybersecurity: Expert Insights from Khurram Mir of Kualitatem19 April 2024