Cloud-based or Software-as-a-Service (SaaS) applications are quickly gaining in popularity across a wide spectrum of businesses. And as they gain in acceptance they also have to overcome the biases of those who believe that computing in the cloud can compromise security.
Cyber security is fast becoming one of the top concerns of corporations around the globe, and the risk is not one for which you can typically buy insurance.
For the supply chainmanager contemplating whether to recommend a SaaS solution there can be a great deal at stake. Supply chain systems can range from enterprise software that basically runs the company, right down to small discrete apps that have only a minimal impact on operations.
But either way, there are several basic considerations that should be taken into account when judging the security of a system.
Primarily, you need to ensure that your data are protected and that the system is stable and not vulnerable to attacks or failure.
Particularly for supply chain systems, which often require outside parties—suppliers, third-party logistics providers, and end customers—to access them, it's key that your data and systems are secure.
When the computing in the cloud was a new idea many were sure that it would lead to security breaches and data loss. After all, if all your data and processes are 'floating around' in cyberspace, surely they are vulnerable to being plundered by clever and unscrupulous hackers?
At least that was the thinking, and for some that fear still exists.
It has actually turned out that SaaS systems can offer a greater degree of protection to your critical information than in-house systems.
Because the SaaS system relies on a service provider whose sole business is offering this solution, they have everything riding on the security of your data. It's their raison d'etre to ensure that every transaction is secured via trusted methods such as firewalls, encryption and audited data centres.
As well, since the SaaS provider's systems are independent of your company's systems, there is no danger of a breach affecting you. Those third parties we mentioned above do not need to access your company networks to use the appointment scheduling, ordering, transportation management applications, they only need to interact with those of the SaaS provider.
By contrast, licensed software options can leave your enterprise vulnerable to breaches caused by sloppy staff, under-resourced IT departments, or even internal hackers. Failure to keep the systems up to date can make it a simple matter for a malicious person to cause a lot of damage.
When disaster strikes, you have to be confident that your systems are robust and backed up. For the SaaS service provider, this—again—is their core offering, so they have a strong motive to ensure redundancy and viability through a crisis.
And it can be argued for software systems that are key to your business, but are not the enterprise system, it's the SaaS provider who will have the stronger incentive to ensure that disaster recovery is their first priority. Your enterprise may not place quite as much emphasis on the "secondary" systems.
Ultimately, your decision to use a SaaS system needs to be based on numerous factors, from functionality, to cost, to convenience and, yes, security. The last consideration has been the subject of a lot of misinformation and some fear mongering since it emerged; hopefully this blog has helped to clear some of the fog from questions about the security of supply chain apps in the cloud.
We invite you to download our white paper ‘SaaS Supply Chain Management Systems’ for a more complete overview of the pros and cons of cloud-based supply chain management systems.