Adopting progressive digital processes is a key competitive differentiator for field service organizations. In fact, according to Service Council’s 2020 Service Leader’s Agenda, technology for field service business operations is the most significant investment increase in 2020. Often times, this investment takes the form of a Software-as-a-Service solution.
According to FinancesOnline, 63% of businesses opt for SaaS because they want the flexibility to address shifting market conditions, while 58% of organizations love SaaS because it allows business continuity. Other reasons for adopting SaaS are to upgrade customer services or support, replace proprietary technology, and address the need for real-time data access.
While the general consensus is that SaaS is a powerful option for field teams when it comes to buying SaaS apps 47% of IT experts identify “security” as one of their top criteria, second only to cost. Security is especially important as many SaaS platforms use cloud-based services. FinancesOnline reports 18.1% of files uploaded to cloud-based file-sharing and collaboration services contain sensitive data and this is exasperated with highly-sensitive organizations that collect and store ePHI. If you’re considering a SaaS solution for the field, security should be top of mind.
What Does a Secure SaaS Vendor Look Like?
This Secure Vendor Checklist can be used to ask the right questions and validate reliable SaaS vendors. Ensure your chosen solution in the field places as much of a priority on security as you do:
1. Compliance Certifications
Does the vendor have a formal Security and Compliance program to ensure data protection for all data collected, stored or otherwise processed through their service?
Ask potential vendors about their current security certifications. Most vendors will share comprehensive security reports with potential customers under a non-disclosure agreement. Pay close attention to the dates and details of these reports to ensure certifications are current and relevant.
Once you have selected a vendor, set up a rhythm for collecting these reports on an ongoing basis. This way, you’ll be sure to know if your standards are being met.
Does the vendor encrypt all data in transit using Transport Layer Security 1.2? Does the vendor protect data at rest with 256-bit AES object-level encryption? What are your responsibilities in keeping data secure on your end-user devices?
3. Disaster Recovery
What’s the backup plan? What is the vendor’s recovery time objective (RTO) and recovery point objective (RPO)? Will the vendor responsibly backup all aspects of your implementation, including your configuration, and not just your data?
Does the vendor disclose their system status in a self-service portal? If not, how will you be notified of expected and unexpected systems outages that might affect your business?
Review the vendor’s service history, obtain customer references and ask them about their experiences with the vendor’s concern for privacy, reliability, and security vulnerabilities.
How does the support process hold up? Submit a support request and assess the quality of the support you receive.
For a larger SaaS deployment, research the support model. Will your internal help desk be responsible for ‘Tier 1’ support, or will users call the SaaS vendor directly?
6. Legal Considerations
Is the vendor willing to sign a Data Processing Agreement, Business Associate Agreement, or other similar items if these are a requirement of your compliance program?
A secure solution for field service
If you are looking to stay agile to market trends and go digital without sacrificing safety, ProntoForms meets your Secure Vendor Checklist.
Learn about ProntoForms’ security and compliance certifications and how to leverage advanced security features for your most sensitive use cases in the field. Check out the webinar with Glenn Chenier, Chief Product Officer at ProntoForms!