Software as a service (SaaS) puts most of the responsibility for security management with the application provider and is considered low-risk because it primarily deals only with software and not hardware or storage. With SaaS, companies are able to control who has access to these cloud services and how the applications are configured. The complexity of software installation, maintenance, upgrades and patches, meanwhile, is automated and handled by the provider. Companies still weighing the advantages of cloud with the perceived security risk should begin by asking the right questions and examining the right considerations to help build a "trust and verify" relationship with the cloud provider that will support success.
For decades, clients around the world have trusted IBM with their data. We hope we have earned that trust and we appreciate our clients’ concerns about their data. We would like to share some general information regarding privacy and security, but please note that our obligations will be governed by the contractual terms of the specific SaaS offering for which you sign up.
For more information on Security and Privacy in Service Engage refer to https://www.ibmserviceengage.com/security