Do you not remember what happened with Codespaces?
How many times are there posts to HN: "AWS is down in <FOO>" with dozens of comments "yep, XYZ doesn't work right now"
How many service based companies have been bought out by a bigger fish only for the service to be shut down or changed in some dramatic way?
For the majority of businesses I very much doubt that theft is the primary concern with using SaaS. Control, visibility, access to your own data regardless of the app/system author's current situation, etc.
Even if theft is your primary concern - and I will grant you that for most small companies where it's targeted theft, the finger more likely points to an insider - using SaaS, especially if it's one builds on a third party provider's stack, means you are increasing the potential for breaches, and you don't even know what that increased potential is, and potentially you may not even know if a breach occurred.
Imagine a company that runs a service on Heroku (who in turn have built on AWS). So by using this service, you suddenly have great potential for individuals at three other corporations to heavily influence your ability to do business and remain profitable, either through data loss, downtime, or the aforementioned security breach.
I haven't even mentioned the issue of data privacy here - it seems quite common for modern SaaS startups to rely on VC funding to offset the costs of providing their service, with the vague notion of "if you build it, they will come... and then we can somehow turn them/the information we hold on them into a profit"
Do you not remember what happened with Codespaces?
How many times are there posts to HN: "AWS is down in <FOO>" with dozens of comments "yep, XYZ doesn't work right now"
How many service based companies have been bought out by a bigger fish only for the service to be shut down or changed in some dramatic way?
For the majority of businesses I very much doubt that theft is the primary concern with using SaaS. Control, visibility, access to your own data regardless of the app/system author's current situation, etc.
Even if theft is your primary concern - and I will grant you that for most small companies where it's targeted theft, the finger more likely points to an insider - using SaaS, especially if it's one builds on a third party provider's stack, means you are increasing the potential for breaches, and you don't even know what that increased potential is, and potentially you may not even know if a breach occurred.
Imagine a company that runs a service on Heroku (who in turn have built on AWS). So by using this service, you suddenly have great potential for individuals at three other corporations to heavily influence your ability to do business and remain profitable, either through data loss, downtime, or the aforementioned security breach.
I haven't even mentioned the issue of data privacy here - it seems quite common for modern SaaS startups to rely on VC funding to offset the costs of providing their service, with the vague notion of "if you build it, they will come... and then we can somehow turn them/the information we hold on them into a profit"