SaaS Security Meets the Needs of Modern Business Processes

Written By: Will Hastings
  • 6/8/2021
  • Read Time : 4 min
saas-security-cio-900

Creating and sharing digital data is critical to the success of most businesses, for many it is a fundamental component of their operations. Most modern business processes are executed digitally, and as companies mature in their digital transformation, they will create new processes to better utilize their data and facilitate collaboration.

Software as a Service (SaaS) technology has been a key enabler of this trend over the past decade. The advantages of SaaS over traditional on-premises software, such as increased mobility, better collaboration, effortless scalability, and faster innovation, have been leveraged by departments across the value chain to great effect.

Through no fault of their own, engineering organizations have been a laggard in this movement, with most still using on-premises solutions for their CAD and PLM applications. Why? Comparable SaaS-based applications simply weren’t available until recently. But now the adoption of SaaS in product development is at a tipping point. PTC’s research shows that product development leaders understand the transformative capabilities of SaaS CAD and PLM solutions, but are leery of cybersecurity implications when moving their tools and product data to the cloud.

However, a recent report by CIO dispels that concern, and suggests that most companies would enjoy greater security if partnered with a leading SaaS provider, especially as their business processes increasingly require close collaboration across departments, geographies, and organizations.

Cybersecurity is top priority – and concern

According to the IDG 2021 State of the CIO Report, security management ranks as the top priority for CIOs. As companies rely more on their digital data, tools, processes, and ecosystems their sensitivity towards cybersecurity threats has grown in parallel. Today’s IT decision-makers are tasked with defending against an increasing number and variety of threats. Examples include industrial espionage, phishing and its variants, ransomware, and distributed denial-of-service (DDoS) attacks.

The variety and sophistication of these threats pose ever-increasing challenges for IT leaders. These challenges arise not only from the technical complexity of security, but also from the resulting business dynamics now that cybersecurity is an imperative across companies of all sizes and industries. These challenges include:

  • Technology – false positives. Cybersecurity software identifies anomalies and sends alerts for further investigation. But there are frequently too many alerts for in-house staff to evaluate accurately.
  • Tools – complexity. Cybersecurity tools are often highly complex, making configuration, maintenance, budgeting, and licensing time-consuming and costly.
  • Professional – staffing. Finding, hiring, and retaining cybersecurity specialists with the depth of knowledge to safeguard sensitive corporate data is not easy. Salaries for these rare individuals can be quite high. Furthermore, turnover can be result in significant loss of institutional knowledge.
  • Financial – high stakes. Maintaining even adequate cybersecurity can be an expensive ongoing resource investment. IT decision makers must often make tough judgement calls balancing risk against cost.

These challenges make it increasingly difficult and expensive for businesses (even enterprise level) to successfully handle cybersecurity on their own.

What is SaaS security?

SaaS security consists of a host of tools, technologies, and processes that SaaS vendors put in place to keep their customers’ IP secure, software available, and data backed-up. It is important to understand what your SaaS security entails, the benefits it provides, and how your approach to cybersecurity might change as you transition from on-premise to SaaS-based applications. With SaaS applications, unlike traditional on-premises solutions, cybersecurity becomes a shared responsibility. Engineering organizations must still manage things like user rights and privileges but much of the heavy-lifting falls to the SaaS provider and their cloud infrastructure partner to ensure the security of data and accessibility for ongoing operations.

Advantages to SaaS Security

PTC, along with its cloud infrastructure partners, can deliver superior protection in three primary ways.

1. Leveraging economies of scale

Managing a number of large data centers generates economies of scale, enabling PTC and its cloud infrastructure providers to invest more in security technology, processes, and skilled experts than is possible for most companies to do on their own.

2. Utilizing deep application knowledge

As a SaaS provider, PTC is also the developer of the software and as such has a deeper understanding of the applications it is hosting. This knowledge is greater than that of commercial customers and can be important in identifying vulnerabilities or suspicious behavior. Further, a SaaS deployment ensures that the application is always updated with the most recent security improvements.

3. Participating in routine audits.

The data centers of cloud service providers such as Microsoft Azure and Amazon Web Services (AWS) are routinely audited for ISO and SOC 2 compliance, as are the SaaS providers themselves. By adopting PTC SaaS-based solution, companies gain the benefit of meeting these and other standards of security without having to commit their own time and resources. They get the added assurance that their software and infrastructure is regularly scrutinized by third parties without having to submit to invasive audits themselves.

Conclusion

For engineering companies, cybersecurity is a necessity, but it is rarely a differentiator. Unlike other IT initiatives that fall under the umbrella of digital transformation, cybersecurity doesn’t improve collaboration, it doesn’t result in better products, nor more efficient processes. Not only do PTC’s SaaS solutions enable these benefits, but they also offer improved cybersecurity and reduce the security burden on IT teams who can instead spend their resources on more strategic initiatives.

For a deeper look into SaaS security read CIO's new whitepaper: “Product Development: Better and Safer via SaaS”.

Product Development: Better & Safer with SaaS

Learn why in this whitepaper by CIO Experts

Tags:
  • SaaS
  • Onshape
  • Vuforia
  • Windchill
  • Arena
  • CAD
  • Augmented Reality
  • PLM

About the Author

Will Hastings

Will Hastings is a research analyst manager on PTC’s Corporate Marketing team providing thought leadership on technologies, trends, markets, and other topics. Previously Will was a senior analyst for ARC Advisory Group, where he conducted PLM and additive manufacturing research. Prior to ARC Advisory Group, Will was a lead mechanical design engineer for product development programs at Sensata Technologies.