Businesses Likely to Use SaaS for Sensitive Data: Gartner
Despite caution from businesses when using SaaS platforms to store sensitive data, there is still a lack of policy coordination, a Gartner report finds.Organizations that use software as a service (SaaS) platforms for data are more likely to use it for sensitive data than for mission-critical data, according to a new report from IT research firm Gartner. The study, which is based on a survey of 425 respondents from IT risk management disciplines in the United States, United Kingdom, Germany and Canada, shows that organizations take different approaches to risk management when they face a need or opportunity to share data with different types of external parties. Compared with platform as a service (PaaS) or infrastructure as a service (IaaS), organizations were about 30 percent more likely to have a policy against putting sensitive data into SaaS (26 percent), and about 45 percent more likely to have a policy against putting it into outsourced data centers (29 percent).
"These results make sense, given that sharing data with a partner almost certainly means that one or more of its employees will be accessing the data, while in a SaaS scenario, the data is typically only accessible to the primary customer," Jay Heiser, research vice president at Gartner, said in a prepared statement. "This year, we asked about both data availability and data confidentiality policies. Survey respondents indicated 10 percent less willingness to place mission-critical data into a SaaS offering than to place sensitive data into it. They were even less willing to place mission-critical data into outsourced data centers, with over one-third of respondents saying that they do not allow it."