Rethinking SaaS in a Cloud-Native AI-Powered and Privacy-Aware Era

The Software as a Service (SaaS) model has been a key driver of digital transformation, and the convenient adoption of software and automation has propelled enterprises towards unprecedented efficiency. Household names like Box, DocuSign, Slack, Zoom, and Notion among others have become integral to enterprise operations, streamlining workflows like secure document exchange, e-signatures, large file transfers, data rooms, and messaging. But, as we proceed into a cloud-native, AI-powered, and privacy-aware era, a critical reassessment of the traditional SaaS model may be prudent.

The Achilles' Heel of SaaS: Privacy and Security

A glaring issue with traditional SaaS solutions is that they expose and store (sensitive) enterprise data with third parties (i.e., the SaaS providers themselves), raising significant third-party risk, cybersecurity threats, and compliance issues. While streamlining operations, these platforms become attractive targets for cyberattacks, and a single breach can expose hundreds if not thousands of businesses and millions of individuals at once. Also, because each SaaS typically focuses on a small number of workflows, keeping configurations and security postures consistent across them is rarely easy, especially when their backends are built on different public clouds.

It is also extremely difficult (if not flat-out impossible) to know exactly where enterprise data resides or is copied to (for backups, among other reasons). There are also no technical guarantees (only vague contractual and/or policy language) that SaaS providers will not use customer data to advance their machine learning and other AI/LLM capabilities, which may inadvertently leak sensitive enterprise information.

The purported advantages of SaaS, including ease of use, lower cost and maintenance, continuous software updates, and outsourced security, often do not fully materialize. Instead, organizations face a reality of high costs due to bloated management and inefficient operations of SaaS providers, sensitive data sprawl, compliance challenges, and a locked-in ecosystem, all of which amplify the risk and complexity of the enterprises' data protection and cybersecurity endeavors.

Envisioning a New Paradigm: Cryptographically Augmented Private SaaS (CAPS)

Today's technological advances offer hope for overcoming the standard SaaS challenges. The advent of cloud-native infrastructures, commoditized cloud storage, advancements in cryptography and Privacy Enhancing Technologies (PETs), and the rise of automation and AI pave the way for what we call the "Cryptographically Augmented Private SaaS (CAPS)" model. CAPS envisages a future where data privacy is paramount — no third party, not even the CAPS "SaaS" provider itself, cloud services, or ISPs, can see user data.

In this model, data is encrypted not only at rest or in transit but upon generation or ingestion and also at the content layer, ensuring maximum protection. The CAPS model also promotes ease of setup, cloud-to-cloud migration, and cost efficiency by potentially replacing multiple SaaS solutions with a single CAPS platform, leveraging amortized cloud costs.

Building the CAPS Model: Key Components

We advocate the following features when building toward such a future:

  • Fine-Grained Cryptographically Enforced Access Control: Ensuring that access to data is tightly controlled and enforced by cryptography rather than by policy alone, implementing the principle of least privilege (POLP) at the level of each sensitive object, not only at folder or file level.

  • Shift-Up Paradigm in Data Protection: By embedding protection directly within the data containers (e.g., documents) per the above requirement, a consistent level of data protection travels with the data wherever it goes and is always on.

  • Split Keys and Threshold Cryptography: Enhancing security by distributing decryption and signing keys, and the operations that use them, across multiple parties (à la the secure multiparty computation paradigm), so that a compromise of the backend alone does not yield enough key material for unauthorized access.

  • Post-Quantum Cryptography Ready: Preparing for the quantum computing era by adopting encryption methods that are resistant to quantum attacks. And even beyond that, ensuring cryptographic agility is built into such platforms from the start, so algorithms can be swapped without redesigning the system.

  • Document View and Use Tracing: Implementing mechanisms for tracking how and by whom (whether machines or humans) documents are accessed and used, even after such documents are downloaded or shared outside the CAPS infrastructure.

  • Automated Deployment and Operation: Using modern advances in AI and machine learning to make deployment efficient and self-managing is now within reach, thanks to recent progress in no-code infrastructure and LLM-powered development and DevOps tools.

  • Microservice Native: Ensuring that the CAPS platform is built for the cloud-native era, facilitating scalability, resilience, and ease of integration.
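To make the first and third components above concrete, here is an added example (not code from the original post) of how a per-object data key can be generated and then split k-of-n with Shamir secret sharing, so that any single holder of a share, including a compromised backend, cannot reconstruct the key on its own. The field prime, share counts, object identifier and the stdlib-only implementation are assumptions chosen for the demonstration; a production system would wrap each object's content with this key using an authenticated cipher and hand the shares to distinct holders (client device, key service, HSM).

```python
"""Split-key protection of a per-object data key with Shamir secret sharing.

Added example, not from the original post. It illustrates two CAPS components:
a separate random key per sensitive object (object-level access control) and a
k-of-n split of that key so that no single backend component holds enough
material to decrypt on its own. Field prime, share counts and sample values
are assumptions made for the demo.
"""
import secrets
from typing import Callable, List, Tuple

# Mersenne prime 2^521 - 1: comfortably holds a 256-bit key as a field element.
PRIME = (1 << 521) - 1

Share = Tuple[int, int]  # (x coordinate, y = f(x) mod PRIME)


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Horner evaluation of a polynomial with coefficients [a0, a1, ...] mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_key(key: bytes, n: int, k: int,
              rand: Callable[[int], int] = secrets.randbelow) -> List[Share]:
    """Split `key` into n shares, any k of which reconstruct it (1 <= k <= n)."""
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    secret = int.from_bytes(key, "big")
    if secret >= PRIME:
        raise ValueError("key too large for the field")
    # f(0) = secret; the remaining k-1 coefficients are uniformly random.
    coeffs = [secret] + [rand(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares: List[Share]) -> int:
    """Lagrange-interpolate f(0) from the given shares.

    With fewer than k shares the result is a uniformly random wrong value;
    that is exactly what makes a single leaked share useless to an attacker.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        # pow(den, -1, PRIME) is the modular inverse (Python 3.8+).
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def recover_key(shares: List[Share], key_len: int) -> bytes:
    """Rebuild the key bytes from at least k shares."""
    return recover_secret(shares).to_bytes(key_len, "big")


def protect_object(object_id: str, n: int = 3, k: int = 2) -> Tuple[bytes, List[Share]]:
    """Generate a fresh 256-bit data key for one object and split it k-of-n.

    `object_id` is a hypothetical label; in a CAPS-style design each share
    would be sent to a different holder, here all are returned for the demo.
    """
    data_key = secrets.token_bytes(32)  # independent key per object, not per tenant
    return data_key, split_key(data_key, n, k)


if __name__ == "__main__":
    key, shares = protect_object("doc-42")
    # Any two of the three shares rebuild the key; one alone does not.
    assert recover_key(shares[:2], 32) == key
    assert recover_key([shares[0], shares[2]], 32) == key
    assert recover_secret(shares[:1]) != int.from_bytes(key, "big")
    print("object key recovered from 2-of-3 shares")
```

The `rand` parameter exists only so the split can be made deterministic in tests; leave the default (`secrets.randbelow`) in real use, since predictable polynomial coefficients would let anyone holding one share derive the rest.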

The transition towards CAPS that we advocate for represents a paradigm shift in how one approaches enterprise software solutions. By addressing the inherent flaws of traditional SaaS from the ground up through a focus on privacy, security, and efficiency, we argue that CAPS offers a promising roadmap for a more secure and private future. As businesses become increasingly aware of the risks associated with data privacy and cybersecurity, and because every additional third party amplifies such risks, we expect the demand for solutions like CAPS to rise, heralding a new era of secure, efficient, and privacy-aware enterprise operations.
