Fortify, the application vulnerability specialist, says that research from Gartner - which predicts a surge in the Software-as-a-Service (Saas) email in the next three years - may be a little off the mark, once companies realise the IT security implications of email outsourcing.
"There is nothing intrinsically wrong with SaaS-driven email, but companies need to be very careful to verify the service they are using has the required security technology and processes to meet regulatory compliance issues, as well as the infrastructure required to meet the needs of any organization," said Rob Rachwald, Fortify's Director of Marketing.
"There is also the issue of whether a firm's security can be enhanced to extend its protective envelope around the SaaS-driven email service, and perhaps interface with the service provider's IT security systems at an API level," he added.
Unfortunately, says Rachwald, not all SaaS-driven email services were created equal, and, as a result, some are better at security than others.
These issues, he explained, are what could short circuit Gartner's prediction that SaaS-driven email services will rise from one per cent of company take-up in 2007 to 20 per cent of the market by 2012.
It is interesting to note, he said, that Gartner also predicts a rise in the take-up of hybrid server/SaaS email systems by companies, which is likely to happen as major companies move to the benefits of Cloud Computing-based environments.
"The financial imperative for Cloud Computing is very strong, especially in these recessionary times but, again, the security issues involved may well temper many companies' move in this regard," he said.
"The big question, of course, is whether the financial imperatives will override the security requirements of companies considering migrating to SaaS-driven email. And that is the great unknown that causes us to question Gartner's otherwise excellent report," he added.
For more on Gartner's SaaS email predictions: