Businesses are steadily coming round to the idea of paying a monthly subscription for a software service that is hosted online (Software as a Service – SaaS).
However, the proliferation of SaaS is still being somewhat held back by widespread security concerns. Chenxi Wang, an analyst at Forrester Research, told Webroot: “Companies are getting more comfortable with SaaS in general – it’s becoming more of a norm. They’re realizing the benefit of outsourcing commoditized solutions…to specialists so they can stay focused to their core business.” There are obvious benefits to opting for SaaS for a treasury management system (TMA), including increased cash visibility and productivity and greater flexibility. SaaS, which is a subset of cloud computing, offers treasury departments the option to pay a monthly fee instead of splashing out on licensing fees, hardware, IT support and upgrades.
Upgrades are performed automatically as part of the subscription and will benefit all users at the same time. IT support becomes all but redundant and investment payback can be achieved within a year. So, why are some firms still holding back from adopting this new route to TMS? The answer is simple: security concerns. According to a workshop survey carried out by The Register, many businesses fear data leakages would occur if they were to adopt cloud-based services. The growing use of personal devices at work is adding to this concern which The Register said was deep routed in many of the people they talked to.
It became clear over the process of the workshop that much of the concern and the reasons why businesses were opting out of cloud-based services was down to ‘gut instinct’ and anecdotal evidence from others, rather than personal experience of using SaaS. In fact, more than half of those questioned said that gut instinct had shaped their opinion of SaaS, while the same percentage said anecdotes and peer experiences had affected their view. The Register also found that there was a tendency to consider SaaS providers as similar in their approach to security, with the common opinion being ‘if one is bad, they’re all bad.’
The Register reported, ‘It's also abundantly clear that SaaS providers tend to be lumped together, regardless of their sophistication and capabilities of their services.’ The survey compared views on SaaS from people who had little or no experience of the technology, with the opinions of people who had extensive experience and found the results to be interesting.
When asked whether SaaS was better or worse than on-premise system with regard to security, almost 80 per cent of those with significant experience answered with ‘better’, or ‘no different.’ Of those with no experience, around 80 per cent answered ‘worse’. These survey results are a clear indicator that most of the fears about SaaS and security breaches are unfounded and that fears are formed largely as a natural response to innovation and the unfamiliar.
It is expected that the concerns will lessen over time. As a result of the high profile attention paid to security concerns for the use of SaaS, many providers have invested heavily in dealing with any gap in their security protection. Indeed, at Kyriba we consider our security to be ‘military-grade’, ensuring that each user’s data can only be accessed by them and that they have no access to anyone else’s data. Corporate treasurers need to ensure they take care when selecting an SaaS provider, paying special attention to their security measures and their service level agreement. If due care is taken, there is no reason why SaaS should not compete on a level with in-premise systems for both privacy and security – or even exceed it.
