LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	RAINdribble: SaaS contracts too often lack security specifics
From:	"Carol E.B. Choksy" <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Mon, 5 Aug 2013 12:21:24 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (74 lines)

Hadn't seen this posted, but thought it was important.

ECM companies are making a distinction between "cloud services" and "hosted
services." Hosted services belong under the category of cloud services under
any definition of the term. What ECM companies are really differentiating is
their lightweight cloud offering that competes with Box.com and their full
product hosted at, for example, Amazon Web Services. The full hosted
products is Software as a Service (SaaS). This article is about SaaS, not
"cloud" ECM.

SaaS contracts too often lack security specifics

SaaS vendors are being "extremely vague" about security and service levels,
and customers aren't happy, Gartner says

IDG News Service - The large majority of people working in IT procurement
are "significantly dissatisfied" with the way SaaS (software as a service)
vendors define contract language related to security, a feeling likely to
persist through 2015, according to a Gartner report.

"Contractually, very little security language appears in the body of SaaS
contracts," Gartner analysts Jay Heiser and Alexa Bona wrote in the report.
"Typically the security section contains little more than platitudes,
stating that the provider will use 'commercially reasonable efforts to
establish and maintain security safeguards.' These are often declared to be
'in line with industry standards,' which are mostly never defined."

http://bit.ly/1b6WCI7

Best wishes for a great week!

Carol

Carol E.B. Choksy, PhD CRM PMP

CEO

IRAD Strategic Consulting, Inc.

<mailto:[log in to unmask]> [log in to unmask]

317-294-8329

Adjunct Lecturer

Department of Information and Library Science

School of Informatics and Computer Science

Indiana University, Bloomington

<mailto:[log in to unmask]> [log in to unmask]

IRAD watermark 2 copy

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US