If there’s one “new” industry that has entrenched itself with no signs of going away, it’s Software as a Service (SaaS). It evolved from the days of a few mail-order software companies into a vast landscape of cloud-based behemoths with steady subscription-based revenue, low overhead and plenty of happy customers.
Companies categorized under this industry include Microsoft, SalesForce, Cisco, Adobe, Amazon Web Services, Slack and Zendesk. And those are just a few. These giants are setting the standard for how tech companies deliver their services, whether to other businesses or direct to consumers.
The value this model adds for innovators and their clients is undeniable and reflected in the growth of the industry. Consider the following two key points made by Forbes:
- The total global public cloud market will be $178B in 2018, up from $146B in 2017, and will continue to grow at a 22% compound annual growth rate (CAGR).
- Forrester predicts that more than 50% of global enterprises will rely on at least one public cloud platform to drive digital transformation and delight customers.
Why is Insurance for SaaS Companies Important?
SaaS companies need their service to be as stable, fast and effective as advertised, but service outages can come from anywhere. Anything from routine system maintenance to targeted DDoS or cyber extortion attacks can trigger a business interruption. If the service fails (whether it’s because of an attack on their system or the system of a critical vendor like AWS) and then clients lose money, SaaS companies will have to pay the price in the form of lost income or, worse, lawsuits.
The damage to the company’s value, reputation, customer confidence can be significant after system failures and data breaches. Microsoft experienced this early on, soon to be followed by the likes of Yahoo, LinkedIn, and Adobe.
Moving beyond the more technical, computer-based crises that can happen, there’s also the possibility of a more traditional failure in the company’s professional service. Sometimes a more carefully tailored professional liability (E&O) policy will also be required to cover unique exposures. An accounting software provider will want Tech E&O coverage in case a glitch causes a client some sort of financial loss, but what about run-of-the-mill accounting errors? Those would be excluded from a Tech E&O policy so a separate Accountant’s E&O policy may be necessary.
Data breaches are when sensitive information is data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. IBM study estimated that the average cost for companies who are victims of cyber attacks is a whopping $141 per record.
SaaS companies are often victims of cyber crime such as DDoS attacks and randsomewear attacks. These attacks can lead to data being stolen or destroyed. The average cost of a cyber attack for enterprises grew from $1.2 million in 2016 to $1.3 million in 2017.
By nature SaaS companies are heavily reliant on back end & front end systems and third party services providers for their applications, servers and data services. Any outages, downtimes or failures can result in lawsuits from customers who rely on their platforms to run their business.
SaaS companies must stay current on privacy and security measures to retain long-term customers. This approach means more than merely adhering to best cybersecurity practices, such as keeping software updated and servers maintained. SaaS companies must follow regulatory standards, as well.
Recommended policies for SaaS companies
These coverages form the foundation of any risk management program for SaaS companies:
General liability offers broad protection against some of the most fundamental risks companies face. Known as “slip-and-fall” or “all-risk” insurance, this policy covers personal or property damage and bodily injury occurring on the business premises.
When employees sustain work-related injuries, employers are typically responsible for their medical costs and lost wages. This policy covers these expenses, protecting employees while simultaneously keeping companies running smoothly.
Cyber insurance protects companies from third-party lawsuits relating to electric activities (i.e., phishing scams). Plus, it offers many recovery benefits, supporting data restoration and reimbursement for income lost and payroll spent.
Errors & Omissions
Errors and omission (E&O) insurance, also known as Professional liability, covers companies in third-party or client lawsuits claiming substandard work or service. Work errors or oversights, missed deadlines, budget overruns, etc., often result in costly cases — but E&O insurance responds to these mishaps.
Tech Errors & Omissions
Technology drives most company’s success in the modern world. If a tech issue arises, such as a newer software causing a third party’s older system to crash, liability becomes a massive problem. Tech E&O, usually teamed with cyber liability, covers legal fees and other related costs in the event of a lawsuit.
Employment Practices Liability
Any company with employees faces the risks of allegations, such as discrimination, wrongful termination, breach of contract, etc. This coverage protects companies against lawsuits related to employment practice
SaaS Specialized Coverage
These policies are essential for or can be tailored to the needs of companies operating in the SaaS companies space:
Whether employees steal from you, a thief robs your armored car, or you receive a forged check or fraudulent wire transaction, money theft happens in many ways. Crime insurance guards your company against damages from these particular crimes.
Whether it’s a devastating fire, natural disaster, or burglary, property insurance responds. This policy reimburses companies for direct property losses, supporting recovery and momentum.
Types of SaaS Companies that need insurance
- Business Management
- Accounting Software
- Collaboration Platforms
- Enterprise Resource Planning
- CMS & E-commerce
- Communication platforms
- HR/HRM solutions
SaaS Frequently Asked Questions
he cost of insurance for SaaS companies will depend on several things, including the company’s size and development stage. Other factors include:
- Exposures: risks being insured
- Company practices: views on safety, compliance, and risk management
- Program structure: the amount of deductible and willingness for a company to assume more risk
- Claims history: the type and amount of past claims against the company