Gartner SaaS Report: Sensitive Data Requires Policy Coordination

By CIOinsight  |  Posted 08-27-2012 Print


EUC with HCI: Why It Matters

When it comes to using software as a service (SaaS) platforms to store sensitive data, there is need for businesses to coordinate their policiies, a Gartner report finds.

Organizations that use a software as a service (SaaS) platform for data are more likely to use it for sensitive data than for mission-critical data, according to a new report from IT research firm Gartner.

The study, based on a survey of 425 respondents from IT risk management disciplines in the United States, United Kingdom, Germany and Canada, shows that organizations take different approaches to risk management when they face a need or opportunity to share data with different types of external parties. Compared with platform as a service (PaaS) or infrastructure as a service (IaaS), organizations were about 30 percent more likely to have a policy against putting sensitive data into SaaS (26 percent), and about 45 percent more likely to have a policy against putting it into outsourced data centers (29 percent).

However, the report found only 57 percent of IaaS/PaaS buyers are using a questionnaire to support their risk assessment. Unlike for SaaS, the form is more likely to be proprietary -- unique to the buyer's organization -- and less likely to be based on industry standards. Just 36 percent of respondents said they had a policy against putting mission-critical data into an outsourced data center, with 29 percent saying this policy applied to SaaS, with only 22 percent saying it applied to IaaS/PaaS.


Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that cioinsight.com may send you cioinsight offers via email, phone and text message, as well as email offers about other products and services that cioinsight believes may be of interest to you. cioinsight will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit