There are hundreds of software-as-a-service offerings, but an IT research firm has discovered their security promises often aren’t worth the paper they’re written on. Be prepared

The cloud can be an elusive thing. So, apparently are the security details in software-as-a-service offerings.

That’s what research firm Gartner discovered after looking closely at more than 100 contracts of SaaS providers. According to NetworkWorld U.S., which saw the report, Gartner found that often the contracts have very little specific security language.

That may give a lot of organizations pause when a SasS provider comes knocking at their door. It may also give them the shivers to know that some staff have quietly signed up for a SaaS offering without permission.

Small wonder that in a recent IDC Canada survey 31 per cent of respondents whose companies don’t use public cloud solutions said their greatest concern about the technology is security.

What can you do about it? For one thing, get tough. Tell the provider you want a service level agreement with security-related metrics. Ask for customer references and call them – have they experienced security-related problems? How the did the provider respond? At the very least, find out if the provider has certifications like SSAE16.

Finally, consider making a rule in your organization that while most IT can be bought at the department level, SaaS products have to be approved before clicking on the OK button.

 
Related Download
The New Workplace: Supporting “Bring your own”							Sponsor: IBM Canada Ltd
The New Workplace: Supporting “Bring your own”
“Bring Your Own Device” (BYOD) and the “consumerization of IT” have taken hold in the enterprise, and employees using their own personal smartphones and tablets for business have become pervasive.
Register Now
Share on LinkedIn Share with Google+ Comment on this article
More Articles