4 December, 2007 - 4:54pm

Gartner has just published new research with similar findings to Sxip's Security Bulletin stating, "Targeted phishing attacks will increasingly focus on software-as-a-service (SaaS) offerings that store large quantities of customer and business information" and that "users still are falling for phishing attacks, and the most dangerous of these are focusing on high value targets, like sales force automation and CRM systems." They recommend strong enterprise security programs for SaaS providers. We agree, however we suggest more advanced measures with no web form login by users, such as authentication with emerging Single Sign-On technologies like Information Cards, to substantially reduce the the phishing risk.