Cloud
Commentary
3/23/2007
10:35 AM
David Linthicum
David Linthicum
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Data Privacy: The Leading Roadblock to SaaS Adoption

As larger organizations move toward SaaS, a few organizations are pushing back on this new model citing data privacy concerns. So, is data privacy a real issue? Or are IT managers reacting more to the lack of control than to data privacy? In my experience, organizations fall into three categories in their thinking about SaaS and data privacy.

As larger organizations move toward SaaS, a few organizations are pushing back on this new model citing data privacy concerns. So, is data privacy a real issue? Or are IT managers reacting more to the lack of control than to data privacy? Let's do a few reality checks.First off, I've yet to hear about an incident where data existing in a hosted SaaS environment was compromised. However, I've heard about a lot of instances where data was removed from a company by employees saving information to memory sticks or DVDs. Moreover, the recent rash of laptop thefts has put data privacy problems on the front page, as criminals run off with confidential information including social security numbers and credit card information.

My point is that data privacy issues do not seem to be a concern in the world of SaaS as of yet, at least from the standpoint of real incidents. Indeed, most organizations have many more leaks to fix other than the hosting of data within a secure data center. SaaS won't fix data privacy issues you currently have, but nor will it add to the problem. Nonetheless, it is a concern in terms of perception.

In my experience, when it comes to SaaS and data privacy, organizations fall into three categories:

No Data Privacy Concerns

In some instances, there are no data privacy requirements. The application is dealing with information that's not private, and it's no big deal if it's compromised. While this scenario isn't typical, there are many applications out there with this data privacy characteristic. Of course, using SaaS is a clear option here since data privacy is not a concern.

Mandatory Data Privacy Concerns

In some instances, private data such as medical or financial information cannot be housed outside of a company. In a few cases this is a matter of law, but more typically it's a matter of policy. Either way, IT doesn't have the option of using SaaS, or if they do, they need to come up with some creative approaches to using data that is still locked behind the firewall. SaaS is typically out of the question with these types of requirements, at least for now.

Paranoid Data Privacy Concerns

This is the majority of potential SaaS users who won't use SaaS because they are just paranoid about shipping data outside the firewall. There is no reasoning with these guys, but I can understand why they are paranoid. These companies won't consider SaaS as an option, citing data privacy, but there are typically control issues there as well. They don't want to use the software if they can't hug the server. The number of these types of companies is shrinking fast, however, as SaaS becomes more politically correct within corporate America.

Application integration and service oriented architecture expert David Linthicum heads the product development, implementation and strategy consulting firm The Linthicum Group. Write him at david@linthicumgroup.com.As larger organizations move toward SaaS, a few organizations are pushing back on this new model citing data privacy concerns. So, is data privacy a real issue? Or are IT managers reacting more to the lack of control than to data privacy? In my experience, organizations fall into three categories in their thinking about SaaS and data privacy.

Comment  | 
Print  | 
More Insights
2014 Next-Gen WAN Survey
2014 Next-Gen WAN Survey
While 68% say demand for WAN bandwidth will increase, just 15% are in the process of bringing new services or more capacity online now. For 26%, cost is the problem. Enter vendors from Aryaka to Cisco to Pertino, all looking to use cloud to transform how IT delivers wide-area connectivity.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.