Ethan Searle, business development director, LanDynamix.

There are serious cyber security risks attached to relying on SaaS platforms. This is according to cyber and managed services specialist, LanDynamix.

“Of course, SaaS platforms are convenient and easy to access without installation hassles. With a stable internet connection and a monthly fee, you can eliminate the complexity of managing multiple software and hardware systems. But at what cost, especially in the SME environment where when trust is damaged in the marketplace, everything fails. This can be catastrophic to SME business owners’ plans to sell their thriving concern and with it secure their pension,” says Ethan Searle, Business Development Director, LanDynamix.

Forbes reports each year, businesses rely more and more on software-as-a-service platforms for different tasks – from website analytics to accounting; payroll to email automation and more. Statista reveals the annual revenue of Salesforce alone reached US$34 billion in its 2024 fiscal year - a record high. Subscription and support was reported the business segments that contributed the most to the company’s continued sales boom. The SaaS market is thriving, to put it mildly.

“There’s a reason for this trend. SaaS services allow companies to focus on growing their core business offerings by using this software model to digitise and automate business processes. This in turn helps employees to execute their job responsibilities correctly and reliably, delivering a differentiated and consistent customer experience.

Third-party SaaS poses huge security risks

“Really in today’s fast paced and immensely competitive environment reliance on SaaS is inevitable. But as with anything, there is a price to be paid and that may be too high for SME’s – in a country where 80% of all start-ups fail. SaaS services are closely integrated into a company’s existing technology – the more SaaS providers in your landscape the bigger your attack surface. What you must ask yourself is how strong, or weak, are the SaaS providers in your chain,” says Searle.

Searle cites CDK attack – a provider of software used by thousands of car dealerships - as an example of the risks posed by SaaS based systems. CDK was forced to shut down most of its systems after a ransomware hit. “CDK is an example of why contingency planning is crucial. The attack left 15,000 automotive dealers in operational limbo as the provider worked to restore its dealer management system.”

Searle says if as an SME you are thinking along the lines of cyber criminals won’t hack my business – it’s too small – they’ll go for the big fish – you are wrong. “Cyber criminals regard SMEs as a prime soft target, knowing many in the sector fail to invest in adequate protection or simply lack resources. Taking an Ostrich approach by sticking your head in the sand and hoping the danger will pass, won’t cut it. If you drop the trust ball with your customers, it’s very difficult to get it back.”

“Without access to the same skills and technologies as larger enterprises, SMEs remain vulnerable to attack and often lack the appropriate response and resilience capabilities that can restore normal operations in the aftermath of a successful hack that has brought business operations to a standstill. The goal of these attacks is to access your network and render your services inaccessible to customers. These attacks often target SMEs because hackers know operating time is money to these businesses. Smaller organisations do not have the luxury of being too big to fail. Response time to such attacks and the ability to get operations up and running quickly can mean the difference between an SME's capacity to service its customers or close its doors.

Searle highlights how a managed service offering from a highly skilled managed services provider (MSP) can deliver the highest level of protection against today’s sophisticated threats to even the smallest firms. “SMEs can look to the in-house expertise and support of an MSP – it’s a route to peace of mind in the knowledge that the business you have worked to build over two decades is secure in the hands of cyber technology experts who will enable you to get on with the job of running your company. Services from a top MSP routinely include managed security, backup and disaster recovery .

“With IT operations securely managed and positioned for growth, you can take your business to the next level regardless of its current size or what industry you are operating in,” concludes Searle.