Ask The CRM Expert: Questions & Answers

Are there security risks associated with SaaS CRM?

SearchCRM.com

What are the security risks, if any, associated with Software as a Service (SaaS) CRM?
This is a great question on several levels. Security issues with SaaS were largely settled for many vendors a few years ago but the issue of security -- and a formal approach to managing it -- is causing some old issues to resurface. The formality is being driven by new technologies that live under the umbrella of governance, risk and compliance (GRC).

There are industry standards in place for data centers but, in my opinion, that's not enough because vendors aren't required to use them. A large and successful SaaS vendor might have all of the security bells and whistles but a small vendor who is just starting out may not. The problem is that on the Internet both vendors can look big, prosperous and secure. Buyer beware!

I think physical security is pretty well managed for most vendors, and procedures within any organization can help prevent hacking, phishing and othe

To continue reading for free, register below or login

Requires Membership to View

To gain access to this and all member only content, please provide the following information:

By joining SearchCRM.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.

TechTarget cares about your privacy. Read our Privacy Policy

r attacks. However, the evidence suggests that it's not perfect. Still, I think vendors can do a better job of maintaining security than many small companies simply because they have more capital and other resources dedicated to the task.

In my opinion, security risk gets dicey in areas you don't see or think about much. For example, what about the risk of having a single data center backed up to tape? The single location might be at risk for a natural disaster and without a live, mirrored backup, recovering from the tape might be possible but who knows how long it could take for the tape to reach a safe place.

I think business downtime with on-demand CRM or SaaS CRM is the big security risk today, not outright data loss. It's not what you'd think of first but I guarantee it's something a lot of vendors are already working on. When an on-demand vendor has an initial public offering (IPO) one of the targets for that new money is a mirrored data center. Check the government filings.