I was recently asked the question, “Can we Trust SaaS (Software as a Service) firms on Security?” and offered up a surprising answer.
Bottom line: “No – you absolutely positively can NOT trust a SaaS provider with security.”
Now let me explain through a personal example:
Before there was SaaS everyone called this business an ASP model (application service provider). We started in St. Louis since we wanted a central location and to maximize performance to both costs. We had a very good datacenter (we still use it an emergency backup datacenter) but it just wasn’t in the top .01%.
We knew eventually government, healthcare, and our pharmaceutical companies would demand security equal to and surpassing a “banking standard”. When it comes to money – people get pretty crazy about security.
We traveled all over the country until we found our cage (and our new home). The place was guarded 24/7 by ex-military commandos. It is setup to handle anything (even a nuclear strike). It is one of the very very few datacenters in the country pre-authorized to house government data.
Want to go see your own servers? Not so fast. Takes me about 2 weeks to arrange a site visit as they go through a full background check of every person past the 3rd level of security. This place is literally Fort Knox.
Our neighbors? Well we have Bank of America on our right and PayPal on our left. Yea – we have security.
Now you have competitors in the cloud. Many of these rural data centers were cloud computers are housed were never ever designed to this physical or data security standard. They were designed to provide the cheapest possible real estate costs, employee costs, and most of all energy costs. See the difference?
Don’t even get me started on data security! Note – this is why we ONLY use Oracle and won’t consider MySQL, SQL Server, etc.
As you can tell we are RABID about security and a little sensitive to it. We undercut @Task, Daptiv, Innotas, Microsoft Project EPM (EPMLive), and other hosted / SaaS options by over 50% and our competitors try to convince customers we cut corners on availability, performance, and security and nothing could be farther from the truth. We just make a more reasonable profit. Guess that is why we haven’t laid anyone off in 5 years and they have cut 30% – 50% over that same time.
Good luck to the OP and again – thank you for the great question!
Nick Matteucci, Co-Founder www.WorkOtter.com
WorkOtter = Simple + Sensible + Secure SaaS Project Management Software