5 best practices for negotiating SaaS contracts for risk and security

Software-as-a-service providers often handle your sensitive data. Here's how to hold them to a high standard for security.

common negotiation errors2
Thinkstock

Adoption of SaaS offerings accelerated this year because of the large-scale shift to remote work prompted by the COVID-19 pandemic. The trend has heightened enterprise exposure to cyber threats and brought into sharper focus the security and risk factors that organizations need to consider when negotiating software-as-a-service (SaaS) contracts.

Gartner expects the overall public cloud services market will grow 6.3% this year to $257.9 billion from $242.7 billion last year. The SaaS segment itself is expected to top $104.6 billion, up from around $102 billion last year at least partly because of increased need for new collaboration tools during the pandemic.

As adoption of SaaS services has increased, so have concerns over potential security issues. In a recent AppOmni survey of 200 IT professionals, 66% of respondents said they had less time to secure their SaaS applications post COVID-19 even though they believed their enterprise SaaS environment put them at greatest risk of business disruption.

"Most of the discussion when there is one from a security perspective is around data protection and what happens when an event occurs where either availability or data is compromised," says Daniel Kennedy, an analyst with the 451 Group.

Here, according to Kennedy and others, are five key considerations to keep in mind when negotiating SaaS contracts to ensure risk and security factors are adequately addressed.

To continue reading this article register now

The 10 most powerful cybersecurity companies