Pin Me

How Secure is SaaS?

written by: Daniel Barros•edited by: Bill Bunter•updated: 2/4/2011

We look at Software-as-a-Service providers and whether or not you should outsource your security to these third party providers - the answer may surprise you.

  • slide 1 of 2

    What is Saas?

    Saas, otherwise known as Software-as-a-Service, is the biggest buzz around the internet these days. With talks of an ethereal “Cloud” storing all your information sometime in the future, how far away are we from having cubicles that only have laptops in them to access information from a server farm somewhere all the way around the world?

    SaaS answers this question in an unexpected way. Rather than using a cloud to store your info, these services provide software available online, such as webmail, or the recently more prominent Google Apps and Docs. Everything from IM offered by Meebo to Gmail is being treated as a SaaS these days.

  • slide 2 of 2

    How Secure is Saas?

    But how safe is your information on these central servers? Here are three things to consider when picking your SaaS

    1. Choose Wisely, Young Padawan

    Your SaaS needs to be treated as carefully as your physical security provider for your office or place of business. Much the same way, you need a standard of reliability and dedication to serving your needs that surpasses the competition. In picking a company to provide you with SaaS, you need to make sure that they are financially stable (and will remain that way), that they are secure and capable of quickly restoring your data, and that they provide round-the-clock service.

    Should something go wrong, you need to have your data at your fingertips quickly and efficiently, and this is the biggest consideration to picking your SaaS provider. Of course, you won’t be going wrong with a service like Google’s Apps, but regardless, check that they provide EXACTLY what you need. Don’t be afraid to call up the customer support line and ask about specific features.

    2. Mirrors, Data Centers, and Statistics

    Here we get to the biggest issue regarding SaaS providers. With an SaaS provider giving you only a single server and a single data center, you should forget about signing up with them. A good SaaS provider stores your data with at least one, if not two backup copies in globally placed servers, so as to be safe from attack. Similarly, data centers need to be operated from multiple sites across the country, or even the globe. This way, should a data center go down, all your valuable information won’t be stolen or destroyed.

    3. SLA and the Future

    An SLA is a great way to protect your investment in an SaaS. A Service Level Agreement is a contract that you sign making the providing SaaS company give you the reliability you’re looking for. In an SLA, you should settle for 99% efficiency, that is – the servers should be operational and ready-to-go 99% of the time. Keep in mind that even doing in-house applications and server banks, you won’t be able to have 100% efficiency because the servers need downtime for upgrades and for maintenance.

    SaaS arguments are slightly reminiscent of when early web businesses first took off. People were reluctant to place their credit cards and social security numbers on the web while purchasing goods and services. However, given a certain amount of time and tinkering, the security came into place and people were finally ready to trust their information over to the internet. The same is applicable for SaaS – in a few years, companies and businesses will be wondering how they ever made it without using these invaluable tools of the industry for cutting down costs and maintenance.