How to Ensure SAAS Providers Are Truly Protecting Your Data - 1

From small businesses to large enterprises, 2009 was the year software as a service broke into the mainstream. But the transformation of this once niche segment into a mass-market phenomenon hasn't come easily. One roadblock to greater SAAS adoption has been executives' lack of clarity around best practices for security protocols and data protection. Here, Knowledge Center contributor Jonathan McCormick explains how executives can ensure that SAAS providers are truly protecting their company's data.


Just recently, T-Mobile, which employs software as a service (or "cloud") technologies to store its customers' data, suffered a serious systems failure. This failure cost many of its customers their contact information. Following the event, it was blogged how these "incidents clearly illustrate that whenever organizations entrust their data to a third party, whether via a cloud computing service or a traditional outsourcing arrangement, it is important to carefully evaluate the vendor's technical and operational capabilities to fully protect the data to mitigate potential business risks."

The T-Mobile incident and other similar occurrences underscore the urgent need for executives to better understand the security protocols of their current or prospective SAAS providers. As such, here are a few tips executives at any size business should use when seeking out SAAS services.

What constitutes data protection?

Data protection concerns should be the critical deciding factor in selecting a SAAS provider. But it's not security against hackers and viruses that should stir the most alarm; rather, it's the loss of irreplaceable data due to outages and technical glitches that's proven most problematic.

Whether this data is found in e-mail messages, contracts or other critically important business documents, the permanent loss of such information can and has proven devastating to companies of all sizes.