In case you missed the memo, let me be the first to officially welcome you to the new world order of software as a service, or SaaS. Whether work or play, SaaS has enabled our on-demand, pay-as-you-go lifestyle. From consumer brands (such as Netflix) to enterprise SaaS providers (like Salesforce), SaaS offerings have played a large role in meeting the changing software needs of users today.
The shift towards SaaS subscriptions has enabled customers to avoid infrastructure costs and focus instead on their core business. With SaaS’s efficient and agile delivery of software, gone are the days of waiting weeks – or longer – to kick off a project. By eliminating the need for internal infrastructure, maintenance and support, SaaS also reduces a company’s bottom line.
It’s clear that SaaS has a lot to offer end customers. However, many companies are hesitant about adopting SaaS and other cloud technologies. As information moves to the cloud, data may be under an organization’s logical control, but physically reside in infrastructure owned and managed by another entity. This shift in control is the number one reason new approaches and techniques are required to ensure organizations can maintain data security.
According to the Vormetric 2015 Insider Threat Report, 83% of U.S. organizations reported being very or extremely concerned with their SaaS cloud storage environments. To address cybersecurity concerns around SaaS environments, we need to make a collaborative effort, requiring the cooperation of both SaaS providers and end customers.
As evidenced by the slew of recent breaches, hackers are after one thing: data. Through the use of encryption, SaaS providers can render sensitive data useless to hackers. However, encryption alone is not enough. Access controls and key management can also prove to be weak points in a SaaS provider’s cyber defenses.
In light of recent breaches and growing fears among end customers, SaaS providers have had to step up their data security game. Salesforce – an early pioneer of SaaS – recently announced Salesforce Shield, a new set of services that includes a strong set of data security features, such as auditing, encryption, access controls, event monitoring and data archiving. With data security becoming such a large issue for SaaS providers, it’s encouraging to see Salesforce has set the bar so high for encryption with Software as a Service.
As the movement towards SaaS continues, providers will need to make an important decision when it comes to securing their customers’ data: build or buy? That is, determining whether creating a team to develop and maintain a unique security solution, or leveraging third-party solutions that integrate into their environment is the better investment.
To make this decision of “build vs. buy” a no-brainer, Vormetric released a new solution set today – Vormetric for SaaS Providers – which enables SaaS providers to offer secure, compliant offerings to their customers. With these new offerings, SaaS providers can secure enterprise data by keeping encryption keys and policy management separate from SaaS infrastructure, reducing exposure and the risk of data breaches. Vormetric also enables SaaS providers to meet compliance and regulatory security requirements for encryption and access control.
Vormetric for SaaS Providers will change the game by enabling SaaS providers to reap the benefits of increased customer trust and confidence, while also differentiating their brand, reducing liability and unlocking new revenue opportunities. Integrated into more than 20 leading SaaS providers today, Vormetric makes it easy to overcome top security and compliance issues perceived by enterprises with SaaS: multi-tenancy, additional privileged user threats, security infrastructure visibility, lack of visibility into SaaS personnel roles, hiring practices and data access.
Looking ahead, I expect organizations will continue to adopt software as a service offerings, but with a responsible understanding of data security. SaaS vendors will also continue adopting more robust security solutions to ensure their customers’ data remains secure.
To learn how Vormetric can help integrate and deploy encryption, tokenization and key management to enhance SaaS service offerings, visit the Vormetric Cloud Partner Program site or contact SaaS@vormetric.com.