10 Vital Questions to Ask a SaaS Provider to Safeguard Your Point Cloud, Mesh, GIS data, Inspection or Asset Information.

Over the weekend, I saw another announcement for a hosting service for geospatial information - somewhere to host your point clouds, 360 imaging, etc. I can see why survey equipment manufacturers want to tie you into their ecosystem or why a digital twin software or BIM provider would like you to sign a contract. For them, it is easy money and recurring revenue. Still, businesses heavily rely on Software as a Service (SaaS) solutions to manage and optimize their assets efficiently. Asset data, whether related to inventory, equipment, or other resources, holds immense value. Often mission-critical knowledge for their business. Ensuring the security and protection of this asset data is paramount. To assist you in making informed decisions when selecting a SaaS provider for your asset management or Digital Twin needs, here are ten crucial questions you should be asking.

1. What Security Measures Safeguard My Asset Data?

Start by inquiring about the security measures in place, including firewalls, encryption protocols, and intrusion detection systems specifically tailored to protect your valuable asset data.

1. Where EXACTLY Is My Asset Data Stored?

Understand the physical location where your asset data is stored. This is essential for compliance and disaster recovery planning.

1. What's the Asset Data Backup and Disaster Recovery Plan?

Ask about their procedures for backing up asset data and how quickly they can recover this critical information in case of system outages or data loss.

1. Who Has Access to My Asset Data?

Get insights into the access controls governing your asset data. Ensure that only authorised personnel can access and modify this vital information.

1. How Is Asset Data Encrypted in Transit and at Rest?

Encryption is vital to securing asset data. Please verify that the provider encrypts data when it's stored and transmitted between servers and users.

1. What's the Protocol for Addressing Asset Data Breaches?

Understand their incident response plan. Knowing how they handle and report data breaches and what corrective actions they take is crucial.

1. Do You Comply with Relevant Asset Data Protection Regulations?

Ensure that the SaaS provider complies with data protection laws applicable to asset data, such as industry-specific regulations or regional laws.

1. Can I Export My Asset Data Easily?

Confirm that you can export your asset data when needed, whether for backup purposes or when transitioning to a different provider.

1. How Do You Manage User Authentication and Authorization for Asset Data Access?

Learn about their user management system, particularly concerning asset data. Strong authentication and authorisation processes are critical.

1. What's the Service's Uptime and Reliability for Asset Data Management?

High availability is essential when managing asset data. Inquire about their uptime history and the measures they employ to prevent disruptions.

In addition to these questions, consider requesting an independent security audit or penetration testing to objectively evaluate the provider's asset data security measures.

Always remember that safeguarding asset data is an ongoing commitment. Once you've chosen a SaaS provider, continue to monitor and assess their security practices, ensuring they adapt to evolving security threats and regulatory requirements.

The worst-case scenario? Your provider goes bust... When Carillion went into liquidation, it wasn't just the financial cost but the petabytes of data they managed for their clients that went into landfills on hard drives. The value of that was incalculable.

Why would you let any third party host your critical data?

Protecting your asset data when utilising SaaS hosting solutions for asset management is a shared responsibility. By asking these vital questions and maintaining vigilance, you can mitigate the risks associated with asset data breaches and confidently integrate SaaS into your asset management operations while safeguarding your valuable information.