When it comes to SaaS, don’t let security scare you

Our recent Global SaaS study revealed that organizations are not just using SaaS to reduce costs, but are actually gaining competitive advantage through their SaaS solutions. Given the promise of advantage over peers, what is holding some organizations back from broad SaaS adoption? For many, it’s security. And what outcomes are companies missing out on by not adopting SaaS? Improved collaboration, innovation, and better decision-making, to name a few. The Saas “Pacesetters” – those leading enterprises gaining competitive advantage through widespread SaaS adoption – are achieving these to a greater extent than their peers.

Here are two stats from our study:

  • We asked respondents about the inhibitors to adopting and implementing SaaS solutions. Security was the #1 inhibitor across the board, specifically data protection and privacy concerns.
  • We also asked about issues experienced with their SaaS initiatives. Twenty-five percent of the sample listed inadequate security, making it the #2 issue of ten.

(Related: Q & A with Marc Dietz, director, IBM SaaS strategy and marketing)

Security is clearly a top issue and concern. But what are Pacesetters doing in order to successfully implement SaaS solutions and avoid issues with security? The result may surprise you. We found that Pacesetters have a high level of collaboration between their IT and business functions for all SaaS-related activities – and that includes tackling security.  From a list of nine activities, the biggest gap between Pacesetters and those organizations lagging behind (termed “Chasers”) occurs in collaboration for SaaS security. Pacesetters are over 30% more likely than Chasers to see collaboration between IT and Line of Business when it comes to security.

SaaS and Security

So what does this mean for enterprises considering broadening their SaaS adoption?  SaaS security should be a group effort – not just handled by IT or line of business working alone. Our team recently published the 2013 Chief Information Security Officer study, outlining best practices for security leaders in a variety of organizations. That study, and our SaaS findings suggest five ways in which to tackle SaaS security:

  1. Foster IT and Line of Business collaboration on all aspects of SaaS implementation and adoption, specifically keeping communication open for matters related to security.
  2. Invest in advanced technology. This isn’t an area where you should skimp. Purchase security technology and SaaS solutions with comprehensive security processes built-in.
  3. Establish an enterprise-wide security strategy that is integrated into new or existing cloud and SaaS strategies.
  4. Develop effective relations with the security organization within your company. Meet with them frequently, and share your concerns.
  5. Use metrics to analyze the effectiveness of your SaaS security. Determine how to track breaches, and regularly share your success with the rest of your company’s leadership.

So don’t let security scare you into falling behind with SaaS. With IT and LOB alignment around SaaS security, and planning for it from the start, you can set your organization on its path to SaaS success.

(For more information on how to combat your SaaS security concerns, check out “Embracing SaaS: A Blueprint for IT Success”)


Share
Comments Off
Alison Fetherstonhaugh

About Alison Fetherstonhaugh

Alison Fetherstonhaugh is a consultant at the IBM Center for Applied Insights. She conducts primary research and gains insight into emerging business and technology trends for forward thinkers. Prior to joining the Center, she work in IBM Market Development and Insights on various value quantification projects. Alison can be reached at afether@us.ibm.com.
This entry was posted in SaaS, Security and tagged , , , . Bookmark the permalink.