undefined | Better HN

0 pointsbykovich9y ago0 comments

When has a SaaS operator stolen data hosted on their service?

0 comments

Not agreeing with thread OP here, but I would certainly differentiate between "stealing" and "exploiting" (not in a security exploit sense). User data certainly gets exploited on _some_ SaaSs that would otherwise be unexploitable on your own stack.

I'm not saying this necessarily applies to compute engines or storage as a service or whatever, but something like gmail (SaaS) where your data is used to target ads at you could be considered exploiting your data. I would not put it beyond large companies to start considering doing the same on their storage-as-a-service offerings soon enough.

Oletros9y ago

The difference is that in the case of Gmail, monetisation is though ads and in the case of compute engine or storage the monetisation is through client payments.

If Google, Microsoft or other companies start to look at the data to exploit it hey will lose trust, the customers and the data.

z0noxz9y ago

The question was about Microsoft, and it depends on the definition of "stealing" and the definition of "your". It's in the terms and conditions when using their services. As a user you agree to a lot, that you probably wouldn't agree to if you took your time to read the fine print. Many SaaS operators has also a history of selling data to others, and a breach of the service might effect all users of that service and not just one. Many companies have restrictions against usage of SaaS for exactly those reasons...

Oletros9y ago

> It's in the terms and conditions when using their services.

The it will be easy to point to those terms in Azure service.

> SaaS operators has also a history of selling data to others,

Then it willbe easy to link to news about those SASS operators selling the data.

> Many companies have restrictions against usage of SaaS for exactly those reasons...

Then it will be easy to bring examples of those companies with restrictions.

z0noxz9y ago

If you haven't looked it up for yourself in 10 days (when I have access to my PC) and if I remember this, I will send you some reference to read. But I if you really want to find out (which I doubt) just look it up yourself. It's so easy. I get the feeling you have some affiliation with MS?

1 more reply

itaysk9y ago

https://www.microsoft.com/en-us/TrustCenter/Privacy/default....

Also, Azure has the best suite of compliance\certifications that demonstrated their commitments.

BTW, Have you read the terms and conditions before speculating on them?

j / k navigate · click thread line to collapse

0 comments

avh029y ago

Oletros9y ago

The difference is that in the case of Gmail, monetisation is though ads and in the case of compute engine or storage the monetisation is through client payments.

If Google, Microsoft or other companies start to look at the data to exploit it hey will lose trust, the customers and the data.

z0noxz9y ago

Oletros9y ago

> It's in the terms and conditions when using their services.

The it will be easy to point to those terms in Azure service.

> SaaS operators has also a history of selling data to others,

Then it willbe easy to link to news about those SASS operators selling the data.

> Many companies have restrictions against usage of SaaS for exactly those reasons...

Then it will be easy to bring examples of those companies with restrictions.

z0noxz9y ago

1 more reply

itaysk9y ago

https://www.microsoft.com/en-us/TrustCenter/Privacy/default....

Also, Azure has the best suite of compliance\certifications that demonstrated their commitments.

BTW, Have you read the terms and conditions before speculating on them?

j / k navigate · click thread line to collapse