In a recent ComputerWorld article, Kwok Suk-wah, CIO of AON Hong Kong, discusses fear of data security, a common obstacle to cloud adoption.

“People think that if you outsource, you lose control of your data and assets,” she said. “I’ve been using this home-cleaning analogy to explain to others how we should approach cloud computing. Say that you’re considering whether to hire a cleaning lady to clean your windows or to do it yourself. You’ll soon realize that the cleaning lady can do the job five times faster and better than you do. But then you also worry about your valuables might be stolen. Like hiring a cleaning lady, there are many privacy and security concerns of adopting cloud computing, and yet these third-parties do the job much cheaper and cleaner than if you do it yourself. Don’t discard the idea—instead, take necessary precautions,” concluded Kwok.”

Thankfully, Salesforce / Force.com security is extremely rigorous. Reduced cost, less worry – hell, it could even help you sleep a little better.

Security & reliability matter. Actually, they’re critical.

Until recently, formal certification of information security technology was a long and costly necessity of doing business.

No longer. Salesforce can handle these costs at a larger scale, which lower costs relative to on-premise technology.

Below is a summary of the rigorous audits performed and formal certifications that Salesforce has been awarded.

Third-Party Audits

Scrutiny by trusted third-party auditors yields formal assurance in the form of third-party certifications:

• SAS 70 type II – is an independent 3rd party audit of internal controls and data security controls.
• SYSTrust Certificate – is an independent evaluation measuring a service provider against four essential principles: availability, security, integrity, and maintainability.
• ISO 270001 – international standard of information security best practice providing comprehensive best-practice advice and on how to design, implement and maintain a compliant information security management system.

Customer Audits

Salesforce.com operations receive routine scrutiny from customers. Once example is the demanding security audit that ING Bank completed before selecting Salesforce. ING Bank is now one of Salesforce’s largest financial services clients.

Still not convinced?

An overview of Force.com security can be found here, or watch the “Introduction to Force.com Security” webinar (originally recorded on October 9th, 2009).

We’d love to hear from you, so contact us to discuss any Salesforce/Force.com security questions you may have.

On-premises computing often come with a host of issues and challenges that most business people would rather not have to deal with. You don’t own and operate your own power plant, so why do you own and operate a data centre?

Leave it to the experts.

Below are 5 reasons you’ll sleep better after making the switch to the Force.com platform.

1. Physical Security: Salesforce’s data centres are humidity and temperature controlled with redundant cooling systems. The buildings have 24-hour manned security, including foot patrols and perimeter inspections, biometric scanning for access, video surveillance throughout facility and perimeter, and all computing equipment is stored in access-controlled steel cages. How does your physical security compare against that?
2. Backups: Data is backed up to tape at each data centre, on a rotating schedule of incremental and full backups. The backups are cloned over secure links to a secure tape archive. Tapes are not transported offsite and are securely destroyed when retired. In addition, you can schedule a full or custom export of the data in your system so you have a local copy.
3. Availability: At trust.salesforce.com, Salesforce shows the live and historical status of each server. Up-to-the minute information on system performance provides unprecedented transparency.
4. Disaster Recovery: Salesforce performs real-time replication to disk at each data centre, and near real-time data replication between the production data centre and the disaster recovery centre. In addition, data is transmitted across encrypted links and disaster recovery tests verify projected recovery times and the integrity of your data. How does your existing disaster recovery compare?
5. Upgrades: With Salesforce.com, you receive updates three times a year. For free. Automatically. Welcome to the end of costly software maintenance fees.

Cloud computing removes the need to install any software, buy servers, upgrade servers, back-up data, etc. The result is massive cost savings due to reduced staffing, maintenance and power consumption.

Oh, and you’ll sleep better.

Contact us today to learn more how the Force.com can help your business.