A sudden loss of critical services is a business emergency. Whether a power cut, a crucial delivery that fails to arrive or even a broken heating system, dealing with such a failure becomes the number one corporate priority.
[easy-tweet tweet=”The #cloud remains one area in which many businesses still donโt have a well-oiled emergency response strategy”]
Most businesses are well-versed in how to respond. The generator kicks in. They default to their secondary supplier.
But the cloud remains one area in which many businesses still donโt have a well-oiled response strategy.
The elephant in the room
Global SaaS software revenues are forecasted to reach $106bn in 2016, according to Forresterโs Tech Market forecast. Thatโs a 21% increase on 2015 spending levels, so itโs clear that businesses are embracing cloud applications at a phenomenal rate.
Itโs also clear why. Cloud computing offers economies of scale for businesses of all sizes, whether in terms of file storage, network infrastructure, data backup or business analytics. Shared services delivered as a utility over the Internet are scalable, flexible and accessible anywhere – and, consequently, can deliver dramatic efficiencies and cost savings.
Cloud computing offers economies of scale for businesses of all sizes
But in the rush to embrace and trust SaaS, too many businesses are still too quick to ignore – or at least, fail to thoroughly assess โ the risks inherent in transferring responsibility for business-critical applications, data or information architecture, to an external provider. How reliable is your SaaS provider, really?
Measuring reliability
Reliability isnโt a concrete concept, and as such is difficult to quantify. No business will deliberately partner with a SaaS provider that looks set to fail in the next few months โ but, as we all know, predicting such business failure is very difficult. Itโs not just about whether that SaaS provider will continue to trade successfully โ itโs also about whether they will continue to honour their contracts, or continue to provide the same levels of service that they originally sold.
Failure to do so isnโt necessarily a malicious action, nor the result of the SaaS provider winding up business or going bankrupt โ although these are crucial possibilities to consider. Loss of critical resources, changes to licenses or terms and conditions or, perhaps most damaging of all, a malicious cyberattack leveraged at the SaaS provider, can all have significant knock-on effects on the cloud services delivered to corporate customers.
The contingency plan
[easy-tweet tweet=”What can businesses do to protect themselves from #SaaS provider failure?” user=”comparethecloud”]
What can businesses do to protect themselves from SaaS provider failure and ensure they donโt slip into a business emergency?
- Service Level Agreements – SLAs, of course, are a standard part of any SaaS contract. But businesses need to check that they cover a range of scenarios, not just a generic service failure. A comprehensive SLA will include details of what happens in the event of bankruptcy and dissolution as well as service outage.
- Information security standards – SaaS providers need to prove that they are taking sufficient measures to mitigate against data breaches โ whether as a result of malicious cyberattack, internal sabotage or basic human error. And SaaS customers need to demand proof of these measures too.
- Interim continuity services – These act as a SaaS safety net, guaranteeing access to SaaS applications and data in the event of provider failure. An up-to-date copy of the businessโs data and/or production environment is provided, giving it time to switch to an alternative solution without service interruption.
These measures are not complex, but they go a long way to ensuring that businesses can enjoy all the benefits of the cloud, without the risk of coming to a standstill.
Danielย Liptrott, Managing Director, NCC Group's Escrow division
Danielย Liptrottย is responsible for the management and strategic development of the Escrow division globally.ย Danielย joined the Group in November 2013 from private practice where he had been a corporate partner at a number of international law firms. From 2006 to 2011 he had been the Group's outside counsel at Eversheds LLP and has advised on a range of issues including its move to the Main Market of the London Stock Exchange in 2007 and each of the Groupโs subsequent acquisitions.