When we evaluate Software as a Service solutions (SaaS) we look at 1) the location of the datacenters, 2) the center’s statistics and 3) their Type II SAS 70 Service Auditor’s Report.
Klopotek; one of the larger book publishing software vendors, posts their SaaS uptime statistics on their website.
A. Data Center Locations
We like to see SaaS vendors using 2 or more data centers that are spaced at least 1000 miles apart. This makes it highly unlikely that a single natural or man-made disaster will affect both datacenters at the same time. You can verify the distance between two cities with a Google search (“distance from city X to city Y”).
Klopotek’s server farms are located in Europe and the United States:
- EU – Klopotek SaaS – Server Farm 01 (asp-citrix.klopotek.de)
- EU – Klopotek SaaS – Server Farm 02 (saas.klopotek.de)
- US – Klopotek SaaS – Server Farm 03 (asp-citrix.klopotek.com)
B. Uptime Statistics
Every SaaS vendor claims that they have 99.9% availability. This means that they expect their service to be down for about 9 hours every year. A saas platform with this kind of availability is expected to be more popular than one that spends quite a lot of time unavailable
Those looking for professional website monitoring for a website could consider Apica Systems.
We verify this by asking for a current copy of the availability logs with MTD, 3 month, 6 month, 12 month and LTD statistics. If a SaaS provider does not provide these records we advise our clients to look elsewhere, you can learn more if you are interested in finding out more.
You can view Klopotek’s uptime logs for their data centers at: http://www.klopotek.com/saas-availability.html .
SAS 70 Type II Certification
SAS 70 Type II certificates are rewarded to data centers that adhere to the industry’s strictest criteria for data protection. A data center will provide you with a copy of their SAS 70 report if you request it.
SAS 70 Type I audit evaluate the legitimacy of the controls to guarantee they are completing their designated objective successfully at a specific point in time.
SAS 70 Type II audit employs an independent, licensed CPA to evaluate the Type I report and assess the security of stored data on the network by testing the controls over an allocated period of time.