There are always apprehensions about data security in a SaaS model. These apprehensions were holding the enterprises to move their business critical information to a SaaS model software.
Recently I read a very good example in Economist that relates to this fear. Remember, when the locker systems were introduced in the banks decades ago, people were reluctant to keep their money in lockers. But then, slowly things got changed and now people think that bank lockers are much more safer than their own house to keep their valuables.
Am sure in the next couple of years, this trend will begin to be visible in SaaS segment as well..
In banks case, probably one thing that has reassured people about the safety of their valuables is 'Government Regulation'. Similarly, I think we may need some kind of 'Industry regulation controls' across SaaS vendors to ensure data security.
[22 Aug 07] Today in the IASA meeting, I learned that organizations are already practicing SOX compliance when adapting SaaS model. So the regulatory requirement is already in place.