From IT professionals and CIOs to small business owners and beyond, 2009 will be remembered as the year software-as-a-service (SaaS) evolved from a technology phenomenon into a mass-market business tool. The biggest barrier plaguing SaaS adoption to date has been a general lack of understanding and clarity as to what constitutes best practices for security protocols and data protection.

Data protection must be the ultimate deciding factor in selecting a SaaS provider. Remember though, it is not security against hackers and viruses that should be of the greatest focus. Rather, it is the permanent loss of irreplaceable data from outages and technical glitches that is most problematic.

Businesses need to inquire about data backup protocols and should only engage with providers that habitually back up data every 60 minutes. With a frequently recurring data backup procedure, even the most devastating security breach or infrastructure failure will only constitute a net loss of one hour's worth of data.

Each SaaS provider will likely have various applications and security partners that define their infrastructure. Regardless, each of them must maintain specific requirements regarding the bandwidth that SaaS providers use to connect each data center to the internet. Why is this?

By maintaining relationships with multiple telcos for bandwidth, SaaS providers are better equipped to manage service availability and performance. Additionally, using different providers for each data center enables optimum routing to client endpoints and the ability to rout around unexpected service issues that can occur within the internet cloud.

All business data whether it is a year's worth of emails or hundreds of megabytes worth of documents, should be protected by appropriate technologies. Bottom line, businesses should not formulate partnerships with any SaaS providers who cannot tangibly demonstrate their ability to provide this type of business-critical data protection.