How to Mitigate the Risks of SaaS

Given the hubbub around Software as a Service (SaaS), you’re forgiven if your head is in the clouds. Also known as cloud computing, SaaS is the delivery of a business management solution online.Given the hubbub around Software as a Service (SaaS), you’re forgiven if your head is in the clouds. Also known as cloud computing, SaaS is the delivery of a business management solution online.

The pros of using SaaS can be compelling, particularly for a company lacking the budget required for the hardware or IT personnel required to manage your own solution. Your information is stored in a data center by a third-party server and you pay a monthly fee to utilize their system, similar to paying for a utility or cable access in your home.

However, there are potential risks to SaaS. Make an informed decision by thinking through these risks and how to mitigate them.

1. Vendor Longevity

If the vendor goes out of business, it can be tremendously disruptive to your business. Checking out their financial standing, client references, management biographies, customer base, blog posts and media coverage can help give you a sense of their longevity. Consider what your plan would be to continue your operation if the vendor’s operations are suddenly shut down.

2. Fit with Your Needs

Ensure the SaaS application will fit your workflows and business requirements now and as your needs evolve. With some providers you may be limited to a one-size-fits-all solution, restricting you to only out of the box functionality and no additional third-party add-ons which may be important to your business.

3. Options for Customization

Establish what if anything can be customized for you as it can vary depending on the vendor. Workflows and transaction definitions, data fields, domain options and branding are just a few areas where customization may be an option. Who can access what data (permissioning) and application extensions are also worth asking about.

4. Will it Integrate with Legacy Applications?

If you have existing SaaS applications that you still wish to use, ask how integration is handled.

5. Application Performance

What is the vendor’s disaster recovery strategy? Are multiple copies of your data stored in different geographic locations just in case the system goes down?

6. Anticipated Downtime

Ensure offline time due to maintenance is minimal.

7. Data Security

Go deeper than a simple overview of their policy. Can they meet your industry-specific compliance requirements? Ask for encryption level and authentication protocol details. Establish how technicians are vetted and their overall data center procedures.

8. Data Ownerships Terms & Policies

What happens if you cancel service with or delete data from the application? Ensure your data remains yours.

9. User Data & Information Privacy

Will your data be used for the vendor’s advertising or other promotional purposes? Do they sell data to third parties? What are the federal privacy laws in the countries where the vendor’s infrastructure sites are located?

10. Shared vs. Dedicated Environment

There are two base hosting models: dedicated and shared. In a dedicated environment the customer has their own Windows Server(s) and databases for their organization’s use; in a shared model a single Windows Server is shared among multiple clients. There are pros and cons to each model, but you should be aware of which one the hosting provider is proposing to you and that you understand the advantages and disadvantages to each.

By carefully thinking through the above questions you can better ensure that although your head may be in the clouds that your business remains on solid ground.

The pros of using SaaS can be compelling, particularly for a company lacking the budget required for the hardware or IT personnel required to manage your own solution. Your information is stored in a data center by a third-party server and you pay a monthly fee to utilize their system, similar to paying for a utility or cable access in your home.

However, there are potential risks to SaaS. Make an informed decision by thinking through these risks and how to mitigate them.

1. Vendor Longevity

If the vendor goes out of business, it can be tremendously disruptive to your business. Checking out their financial standing, client references, management biographies, customer base, blog posts and media coverage can help give you a sense of their longevity. Consider what your plan would be to continue your operation if the vendor’s operations are suddenly shut down.

2. Fit with Your Needs

Ensure the SaaS application will fit your workflows and business requirements now and as your needs evolve. With some providers you may be limited to a one-size-fits-all solution, restricting you to only out of the box functionality and no additional third-party add-ons which may be important to your business.

3. Options for Customization

Establish what if anything can be customized for you as it can vary depending on the vendor. Workflows and transaction definitions, data fields, domain options and branding are just a few areas where customization may be an option. Who can access what data (permissioning) and application extensions are also worth asking about.

4. Will it Integrate with Legacy Applications?

If you have existing SaaS applications that you still wish to use, ask how integration is handled.

5. Application Performance

What is the vendor’s disaster recovery strategy? Are multiple copies of your data stored in different geographic locations just in case the system goes down?

6. Anticipated Downtime

Ensure offline time due to maintenance is minimal.

7. Data Security

Go deeper than a simple overview of their policy. Can they meet your industry-specific compliance requirements? Ask for encryption level and authentication protocol details. Establish how technicians are vetted and their overall data center procedures.

8. Data Ownerships Terms & Policies

What happens if you cancel service with or delete data from the application? Ensure your data remains yours.

9. User Data & Information Privacy

Will your data be used for the vendor’s advertising or other promotional purposes? Do they sell data to third parties? What are the federal privacy laws in the countries where the vendor’s infrastructure sites are located?

10. Shared vs. Dedicated Environment

There are two base hosting models: dedicated and shared. In a dedicated environment the customer has their own Windows Server(s) and databases for their organization’s use; in a shared model a single Windows Server is shared among multiple clients. There are pros and cons to each model, but you should be aware of which one the hosting provider is proposing to you and that you understand the advantages and disadvantages to each.

By carefully thinking through the above questions you can better ensure that although your head may be in the clouds that your business remains on solid ground.

Related Posts: