Monday, December 12, 2011

Implementing SaaS Solutions Reduces Security Concerns

"The user's going to pick dancing pigs over security every time" - Bruce Schneier"

In this post I am publishing an article by a guest contributor - Rashed Khan (rash799@hotmail.com) who points out interesting study results...

Software as a service (SaaS) for application delivery is a hot topic when it comes to questions of security. Adding SaaS components in any form is something that seems to generate acute anxiety in anyone who takes the time to consider it. Fears about the loss of privacy and other related security issues top the list of current concerns.

On the other hand, those who are already using SaaS solutions or have added elements of SaaS to their systems are considerably more confident about security issues than non-users. When it comes right down to it, SaaS appears to be something that one must experience in order to trust.

Forrester Research has recently completed a study that supports this premise. In companies where SaaS was already in use, having replaced a complete solution, concerns over security are noticeably lessened. This is also true in companies where the decision to replace a complete solution with SaaS had already been made and was about to be implemented.

By contrast, companies that were only contemplating or planning to augment their solutions with SaaS, or in companies that were using just a few SaaS components, anxieties over safety were still running high.

Miroslaw Lisserman, analyst at Forrester Research, believes this to be a strong validation of the future of SaaS technology. Lisserman had this to say about the findings: “To me, this means the following: SaaS solutions are more secure than perceived by many, since once SaaS applications are deployed and used, the security concerns decrease.” Apparently, SaaS technology performs so well that it has to be experienced to be believed.

Analyst Krishnan Subramanian, an independent researcher, feels that the security concerns related to the SaaS technology itself have been overworked. He said that the real issue related to this application has more to do with people. Regarding these concerns, Subramanian had this to say: “It is the responsibility of the SaaS vendors to educate users about their people-centric security practices. It is the responsibility of the SaaS users to get to know these details from the vendors.”

Moving away from concerns about the security of SaaS technology and turning attention instead to security concerns related to the technology's providers and users is a measure of the maturing of this technology. It's a sign that SaaS is ultimately coming into its own.

The growth of the sector itself testifies to this belief. There has been rapid expansion of SaaS solutions with Enterprise Resource Planning (ERP) software functions. Additionally, there is growing use of the ERP system by both small and mid-sized manufacturers. The manufacturing software is also used more frequently by industry distributors and in job shops.

Small companies who are part of large supply chains, along with the supply chain members they deal with, are all discovering significant benefits and greater functionality in SaaS-based ERP when employed as a comprehensive manufacturing software solution. Home-grown and standalone applications fall short by comparison, making SaaS both the wave of the future and an increasingly intelligent choice.

1 comment:

AssetGlobe said...

Makes sense, as SaaS providers have a lot more resources to tackle security that most individual firms...
Still, many CIOs are afraid of not being able to do anything if there is a problem with the SaaS application...