Businesses are pushing for better protection of their digital footprints

by Peter O’Connor, Vice President Asia Pacific and Japan at Snowflake

Credit: ID 77440682 © Profitimage | Dreamstime.com

As consumers, we’re becoming more aware of the trail of data we leave behind as we go about out our daily lives. From social media sites to online shopping services, records of interactions are constantly being generated.

It’s a similar case for a modern business. As transactions with partners and suppliers are increasingly conducted digitally, the pool of associated data continues to grow. 

As a result, more and more business customers are demanding that the Software-as-a-Service (SaaS) companies with which they have relationships do more to safeguard their usage data. They are also very keen to know how that data might be being put to use.

Unlike personal data, business usage data is generated each time a business customer interacts with a business-to-business SaaS product. This creates both benefits and concerns, depending where you’re sitting in the process.

For example, a SaaS provider may collection details about their business customer’s interactions and use them to enhance their offering. If they can see a particular feature is causing headaches for the clients, it can be redesigned or replaced. The end result of this process is a more efficient and effective SaaS platform.

From another perspective, however, the interaction data being generated every time a business uses the SaaS platform could be used in a very different way. Observations of usage patterns and volumes might reveal where a business is focusing its efforts. Perhaps a rise in interactions is associated with a new product about to be launched or a planned merger with a rival. Things the business wants to keep private could actually be in plain sight.

Growing concerns

Recent privacy stumbles by companies such as Facebook have led to increasing numbers of consumers paying closer attention to their data and how it is used. Indeed, in a recent consumer sentiment survey conducted on behalf of Snowflake, 73 per cent of respondents confirmed they feel greater data policy and regulation is required. Just 6 per cent felt they needed less and 21 per cent indicated the measures in place currently were sufficient.

This growing awareness of and call for better privacy is now flowing into the B2B sector where businesses are increasingly demanding similar kinds of privacy protections for SaaS and other B2B platforms. Unfortunately, however, those expectations don’t migrate well from the consumer to the B2B space.

For example, should a business have the same privacy protections as a private user? Or should individual employees using third-party vendor services on a corporate network have the same privacy protections as they do when acting as private citizens on their home networks?

How much privacy is enough?

When you initially consider questions such as these, it would appear best to err on the side of privacy, and it may not be clear why maximum protection should not be afforded to B2B user data.

The reason is that companies delivering B2B services need the ability to collect and retain certain data. For example, if you’re unable to track an IP address, it becomes impossible to secure customer data or shut down a malicious attack.

Read more: SaaS discovery tools target growing shadow-IT problem

Also, if a business is not allowed to connect personally identifiable data to a business customer’s account, it will be much harder to provide first-class service when that customer needs support.

Taking control

Businesses that store their customer’s data on the servers of other companies, such as Salesforce or Oracle, have a vested interest in those technology partners protecting that data. However, a company can’t simply outsource the data security challenge to another organisation. It remains their responsibility to ensure the data remains secure at all times.

Another big challenge arises for multi-national companies that must comply with data security and privacy regulations in different countries. One approach many are taking is to carefully locate certain roles and functions in jurisdictions based on the local regulations that are in place.

If, for example, privacy regulations are too restrictive in a certain country, it may make sense to store data elsewhere and even locate support staff in a different location. Such careful management cannot be left up to an external provider but must be carefully managed by the company itself.

There are no definitive rules for B2B companies that are facing these issues. Each company must undertake a complex process of evaluation that involves the help of legal, security and privacy experts.

However, by being aware of the issues and taking comprehensive steps now to secure data, companies will be much better placed to survive any issues that might arise the future.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags Software as a Service (SaaS)

More about FacebookOracle

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Peter O'Connor, Snowflake

Latest Videos

More videos

Blog Posts