6 Questions to Ask a SaaS TMS Solution Provider about Data Accessibility and Security

Data is the lifeblood of modern, automated supply chain management programs.  So, what happens to your transportation data if you’re using a SaaS TMS (or any cloud-based logistics management solution) and the provider suddenly disappears due to financial insolvency, litigation or acquisition?   Will you have access to your program data when this happens and how difficult/costly will it be to secure the information that is by rights, yours?

This is a concern that is all too frequently overlooked.  Yet it is one that should weigh on any shipper using a third party solution, especially in light of the numerous recent entrants in the supply chain software market.   Cloud computing has been a boon to shippers, lowering the costs associated with the implementation of enterprise software for logistics and making the Software as a Service (SaaS) or cloud solution for TMS, optimization and other functions much more attractive to a wider array of shippers.  Unlike the onsite “hosted” solutions they replace, SaaS solutions store all a client’s data in the cloud.

This positive development has a negative counter balance though.  While smaller, nimbler, more innovative solution providers can offer the bleeding edge of technological advances avoided by the more calcified industry leaders, they are also, by definition, less financially stable and acquisition targets for the market leaders they seek to unseat.   And while not all SaaS TMS providers are risky, it can be difficult to separate the solid ones from the wobbly ones.  However, there are steps that can be taken by shippers during the provider selection process to ensure that their data will be protected come what may.

We polled several enterprise software consultants and other subject matter experts to see what questions they recommend their clients ask with respect to data accessibility and here are the 5 questions they all agreed a shipper should ask of a prospective solution provider.

  1. Does the solution provide unfettered access to our program data on demand?  Is there any charge for access? (Yes, some providers charge you to access your own data!)
  2. Is our program data stored discretely or is it commingled with other customer data in a single database?
  3. Is our data aggregated with other customer data to deliver analysis and benchmarking (or any other services) to all the provider’s clients?  Can I opt out of having my data leveraged in this way? If you end the business relationship, does the provider retain your aggregated data or is it removed from their benchmarking pool?
  4. If our data is aggregated, is it also anonymized?
  5. Will you provide a SQL extract (or equivalent capability) so data can be removed/downloaded for any reason?
  6. What data security policies are in effect within the provider organization?  Is the security policy published?

As a best practice, UltraShipTMS recommends ensuring shippers select a SaaS TMS provider who is willing and able to provide a separate database instance for each client implementation.  This makes it far more likely that a customer will be able to have secure access to their data at all times and in any contingency.

Leave a Reply

Your email address will not be published. Required fields are marked *