Data security, a crucial issue for the company
•
The cyber risk is becoming an increasing concern for business leaders. In the Global CEO Surveys conducted by PwC in recent years, this threat has indeed gained more importance each year. While cyber threats were the 10th perceived threat by decision-makers in 2017, it has since 2018 been among the top five. Three years ago, 24% cited this threat compared to over 33% in the latest edition of the survey. Among the various forms that cybercrime can take, data security breaches are far from negligible. Whether through phishing or via a ransomware, a company can see its data stolen or confiscated by a third party, leading to a severe loss of performance.
Data Security in Danger
Data is crucial for the enterprise; thus, a breach can be extremely detrimental. Computerization since the 1970s and 1980s has made key company data vulnerable to new types of attacks.
To this harm is added the slowness with which security flaws are usually detected. Indeed, a survey by the American access provider Verizon examining over 100,000 incidents and 2,000 flaws in more than 60 companies revealed an extremely significant reaction time. In over 80% of cases, the flaw was only discovered several weeks after its emergence, making its consequences even more serious for the affected company.
In the face of this risk, an internal policy of heightened security, through data encryption or more restricted access for employees to data, is possible. Furthermore, a company concerned about data security is entitled to expect software vendors it uses to take particular care for cybersecurity. Fortunately, this demand is met, as software, particularly in software as a service, offers good security guarantees.
SaaS Solutions, a Response to the Need for Data Security
In response to these threats, software as a service solutions represent an interesting response. Indeed, although they involve data outsourcing, these solutions offer significant advantages regarding IT security. In terms of customer requirements, McKinsey in its September 2019 study identified the priorities expressed by decision-makers. First, come the requirements related to data encryption, cited by 56% of clients. Next are the access issues (passwords, account management) with 52% and the response to incidents at 49%.
In the face of these requirements, some SaaS solution vendors provide an adequate response with a good level of security against an attack. First, software with an encrypted database is naturally recommended for a client seeking a good level of security. This mode of operation helps to reduce the severity of a potential data leak. Better yet, anonymization in the vendor's servers guarantees the client the security of their data.
Moreover, SaaS solutions also offer preventive security. Indeed, SaaS software vendors ensure monitoring, guaranteeing the client company a certain level of security. Furthermore, by taking care of the outsourced service (the reporting function, for example), the vendor allows the client's Information Systems Management to better focus on other internal monitoring tasks and thus gain in efficiency. Finally, the support provided in case of an incident is naturally ensured by a team of professionals specializing in the software in question.
Note: the SaaS solution often offers a better level of security than an internal process. The vendor’s technical team indeed has greater expertise on the software’s functionality than internal IT services.
