From SaaS to the desk – where will our data be safe?

Recently, I’ve had the opportunity to talk to a person who is keenly interested in using our solution at a brokerage office. Everything was fine, the range of the system’s capabilities was amazing, until it turned out that the application was in the SaaS model (Software as a Service). The interlocutor lost interest and ended the conversation with the words: “Konrad, I do not trust those clouds there, the data is safer in my desk”. Well, it depends on where the desk is. But it was not supposed to be about interior design, but about why the external location of data still raises concerns.

 

Cloud East, cloud West, home is best?

Even though more and more applications and technologies operate as a service, there are still sceptics of such solutions. I don’t want to go into details of “clouds” or create academic comparisons, because that is not the point here. Simply put, if something is “in the cloud”, it simply isn’t “with me”. Basically, the lack of trust in this matter boils down to the fact that the data will be “out of reach” and the belief that “it will definitely be safer with me”.

 

What can happen to our computer? For example, it can be stolen, burned in a fire, or flooded, it can also be thrown out of the window, etc. And as we know, people are divided into those who make backups and those who not yet. Let’s add that even up to 30% of people have never made any backup and we will get a simple recipe for trouble.

 

There is every chance that in companies professionally dealing with data storage the above-mentioned situations will not take place. Even so, appropriate security measures, such as regular (!) backups of data stored in isolated locations, would stop us from worrying about theft, flooding and fires.

 

The man himself a hacker

And what about attacks and data leaks, which are always breaking news? What do the numbers say? They say that 89% of data leaks in companies are inadvertent. 11% are theft and phishing [1]. It means that most often we ourselves are to blame for the leak. Interestingly, among those inadvertent ones, one of the most frequent cases is sending a message containing confidential data to the wrong e-mail address. The prose of life. In the case of phishing, our naivety and inattention also come to the fore, because when we receive an e-mail from a “well-known billionaire” that goes: “I am decide give you my company, only you give me password your mailbox” – it is definitely true.

 

To make it even more evident how easy it is to lose your data, I will quote the most popular passwords used worldwide in 2020, published by NordVPN. Here are the top five:

  • 123456
  • 123456789
  • picture1
  • password
  • 12345678[2]

 

“Qwerty” was only in the second ten. What a disappointment.

 

And you can be as snug as a bug on your HDD

Alright, if the best we can do for the security of the data we process is to switch on our own thinking, why then would we use “SaaS” and such? Well, they have some basic advantages over your desktop computer.

 

Our data is taken care of by professionals with well-developed safety procedures, not only to prevent the data loss or blackouts, but also to minimize losses in the case of accidents, if any. They have high-end hardware, antivirus and security measures that most of us don’t even have access to. There are regular, even daily, data backups, and these are stored in separate locations.  You can use, for example, system mirroring, i.e., running the same application simultaneously from different sources. When one fails, traffic is redirected to the other.

 

By using an application that can be accessed remotely, we additionally protect ourselves in the event of our own computer being infected or hacked. If someone gains access to it, it does not mean that, for example, the data of our customers or business partners will be immediately available to the attacker. The benefits of remote solutions could be multiplied, but it is worth using common sense when deciding on how to use the software. When building a house, or repairing a car, we usually decide to entrust it to professionals – let everyone do what they know best.

 

You’ve made your bed, now lie in it

To sum up, when it comes to data security, firstly, let’s not take shortcuts, let’s be vigilant and cautious, and encourage our colleagues to do so. Secondly, let’s check the providers of the systems which we want to use regarding where they store data and how they protect them. For example, at VSoft we can boast of cooperation with one of the best Polish data centres, Polcom company. Thanks to this, we are sure that the data of VSoft Insurance Broker system users and their customers are safe and processed in accordance with the requirements of the Polish Financial Supervision Authority.

 

So, I encourage all those who hesitate to carefully analyse all available options and repeat after Pezet: “I’m moving to the cloud (…) and I feel good about it today.” Although, this particular song could have been something a bit different …

 

Konrad Jakubowski, Product Owner VIB

 

[1] Based on the information security report prepared by the Association of Personal Data Protection Companies.

[2] Based on the list of the most popular online passwords published by NordVPN.

Zobacz również

See also