Did you know? In the United States, the average cost of a data hack is approximately $8 million. Umm… yikes?! That’s a pretty substantial number. And just as significant: a data breach is also a violation of your customers’ and partners’ trust, a black mark on your reputation in the market, and a violation of individuals’ privacy (which, in Europe or California, can quickly land you in court).
How did data become so de rigueur? Here’s your data history 101:
- 1940s: Work was either manual or analog.
- 1950s: Mainframes began digitizing work.
- 1980s: Digitization went mini – and landed on desktops.
- 1990s: Digitization went connected via the worldwide web.
- 2000s: Social platforms connected us all, and smart phones and tablets enabled us to access these platforms virtually (pun intended!) 24/7 from any location.
While this new digital world certainly has its advantages, with digital transformation comes new – and continually increasing – security concerns, particularly with regard to privacy, access, and data location. Cloud applications exacerbate these concerns, and with Gartner predicting that cloud computing application revenue will hit $113.1 billion by 2021 (a 30% increase from 2019), it stands to reason security concerns won’t fade into the background anytime soon.
Adding to the anxiety: clouds cast shadows. Today, organizations are struggling to manage what’s known as shadow IT, which are IT projects (like cloud services) that are managed outside of, and without the knowledge of, a company’s IT department – severely compromising security. And unfortunately, security solution provider McAfee actually reports that shadow IT cloud usage is 10 times (at a minimum!) larger than known cloud usage.
How to Avoid “Hacks in the Headlines”
With data hacks routinely in the headlines, it should come as no surprise when we tell you the IT teams of our enterprise clients usually cite cybersecurity as a top priority when considering a SaaS-based multi-carrier shipping solution investment. And they’re well within their right. Parcel shipping ecosystems house all sorts of personal information, including names, addresses, and even phone numbers. And with more and more companies migrating to SaaS, we’ve identified five critical criteria to use during the evaluation for a SaaS-based multi-carrier shipping system.
Here at Logistyx, it’s safe to say we’ve been in the parcel shipping business for a while (1,500 years of collective experience, to be exact), and one of our key takeaways over the years has been that our clients aren’t looking for “perfect” as much as they’re looking for “transparency.” Make sure your multi-carrier shipping solution vendor can provide evidence of their transparency in the form of audit logging, customer security portals, and similar.
2: Experienced Leadership and Security Team
Learn where the security team sits on your vendor’s organization chart and meet the individual who leads them. Effective security teams are managed by an executive, with C-level sponsorship and access, and the team itself is comprised of security – not just shipping – experts. They’ll have concrete experience responding to changes in the marketplace like GDPR, as well as a handful of war stories about how they’ve built and optimized security practices and technology throughout their careers. Remember: your ability to maintain a secure shipping environment will be about the people behind the technology as much as it will be about the technology itself. Choose wisely!
3: Global Strategy
There is a plethora of global data privacy and security guidelines, standards, and laws, such as GDPR, CCPA, PIPEDA, etc., and every software company is impacted, regardless of where their headquarters are located. Don’t let them tell you otherwise! Make sure your solution provider’s security team has a global strategy with regard to data security and privacy. Ask the vendor what their audit plan is for monitoring and addressing security and privacy legislation both on the home front and across borders.
4: Sub-Processor Management
Almost every company moves data through sub-processors. Ask your solution provider: How are you protecting my data at every point in the data journey? It’s critical not to overlook this one, because recent privacy regulations fail to differentiate between a processor and a sub-processor. It views the relationship as the same as that of a processor and the primary data controller. This means contracts between processors and sub-processors need to have data protection obligations identical to those in contracts between processors and controllers.
5: Disaster Recovery and Business Continuity Plans
Unfortunately, our world is fragile. Whether the fault lies with Mother Nature or the damage is self-inflicted, the unthinkable can – and frequently does – happen. Therefore, your multi-carrier shipping solution provider needs solid disaster recovery and business continuity plans. Ask your provider about their redundancy mechanisms and insist they provide evidence of proven failover.
You’re More in Control than You Think
The CEO of IBM, Ginni Rometty, has said that if data is the basis of competitive advantage, then cybercrime is the greatest threat. While we certainly believe this is true, we also believe there are steps you can take to gain more control over your data protection. And these criteria for evaluating SaaS-based multi-carrier shipping solutions are a wise place to start.
Want to learn more about how to choose the right SaaS-based multi-carrier shipping solution? Download our checklist: Choose the Right TMS for Parcel Shipping.