SaaS adoption is outpacing businesses' ability to secure it

Features
By Esther Kezia Thorpe
published

Two-thirds of ITDMs at large organisations are concerned about keeping up with security requirements for SaaS adoption

Security padlock on a cloud

As the rate of cloud and SaaS adoption increases in businesses, IT teams are primarily concerned with data privacy, new research contends, with 64% of ITDMs believing that their organisation's SaaS adoption is outpacing their ability to secure it.

But nearly half agree that their organisation is hesitant to adopt SaaS-based security solutions, according to a survey of 200 ITDMs by cyber security firm iboss for its 2018 Enterprise Cloud Trends Survey Report.

Gartner: Cloud giants' dominance poses challenges for users

In the early days of SaaS, security was one of the primary concerns limiting adoption because the SaaS delivery model was relatively new, and companies felt uncomfortable storing sensitive data outside their own security measures.

Although the SaaS model has matured and has so far proved to be highly stable and secure when compared to on-premises solutions, it is easy to understand why there are still outstanding concerns around it.

Three-quarters of ITDMs told iboss that their organisation's data was more secure using on-premises, purpose-built appliances rather than a SaaS solution. The most likely reason for this is because they feel that their data is less secure when using a SaaS solution, because such solutions store their data on shared servers - a reason 66% of respondents agreed with. A quarter also thought that security wasn't a priority for SaaS solution providers.

"While these concerns aren't unfounded, they also aren't completely legitimate," argued iboss CEO Paul Martini, analysing the findings of the report. "There are an array of cloud types and delivery models that both laymen and tech pros aren't aware of that address many of the top concerns found in the survey head-on."

Of course, there are many vendors who are committed to security, and to keeping their clients' data safe, with incoming GDPR data protection rules meaning that they could be held partially responsible for any breaches. Part of the solution is being diligent when choosing an SaaS provider, especially if they will be processing personally identifiable information or financial data.

A good vendor will be transparent in their security practices and be able to demonstrate multiple layers of security to protect customer data. This can include physical site security of the data centre facility, as well as application and database security, where defences are core to the software development process.

Esther Kezia Thorpe
Esther Kezia Thorpe

Esther is a freelance media analyst, podcaster, and one-third of Media Voices. She has previously worked as a content marketing lead for Dennis Publishing and the Media Briefing. She writes frequently on topics such as subscriptions and tech developments for industry sites such as Digital Content Next and What’s New in Publishing. She is co-founder of the Publisher Podcast Awards and Publisher Podcast Summit; the first conference and awards dedicated to celebrating and elevating publisher podcasts.