This just makes so much SaaS sense that I'm putting this as a separate post. With permission, of course from Mr. David Abrawowski. SaaS Trust and Confidence
Buyer beware! Careful, unstable application ahead! Your data is at Risk! These are a few of the labels that should be visible on the front page of many Software as a Service offerings today.
Just recently I heard a story about an online software company that made a system administration mistake and their users information just vanished into thin air. The company apologized to their customers and blamed it on the fact they were still in beta. No recovery, no data, no nothing - just an “oops”. Imagine if that was you. Imagine if your company lost several days of your CRM data or months of your accounting records because your Software as a Service vendor didn’t really know how to run the back end systems?
We have a strange phenomena in business today. We tend to blindly trust just about any web site. And if that web site has official looking features like secured payments through PayPal or a Hacker Free label, we tend to trust it even more. But what about the reality of today’s Software as a Service. In a matter of minutes almost any developer can take an open source project and then host it on a $10/month internet account. They can immediately sign up for PayPal and get a hacker free certification in a matter of minutes. The developer can create a fancy sign up page and start to take your money. You begin to put your valuable customer data into the online service with a hope that the software vendor/consultant knows how to keep it safe and keep the application up and running. But as more stories of data loss and application problems surface, it’s up to the buyer to start to put pressure back onto the SaaS providers to ensure that we increase the trust and confidence of online applications.
Before you trust a SaaS provider and put your confidence in their system, you need to ask some questions. You need to know if the application is going to be available, if your data is going to be safe and what the company is doing to make sure everything stays up and running. On the flip side, many SaaS providers are going above and beyond. They just don’t tell their customers. Therefore to be proactive, I suggest that every SaaS provider have a simple web page that answers these questions to help increase the confidence and trust in their applications:
1. Is there built in redundancy for the application and the infrastructure so that it is going to be available when I need to use it?
2. How is my data kept safe and secure from other users or hackers on the internet?
3. If there is a failure, are you prepared to handle it quickly and is my data recoverable? How often do you backup my data?
4. Do you monitor the system & the application on a continuous basis? If there is a problem, who is watching the system and how long until they will be able to fix it?
5. Do you keep the system up to date with security patches & fixes on a regular basis?