Skip to content
Best Practices Compliance Software Data & Integrations Technology & Architecture

Your Data And Your Compliance Software: Where Should It All Live?

Onsite and offsite hosting each have their own distinct advantages and disadvantages. Here’s some of the latest thinking on the subject

To host, or not to host, that is the question. Less poetic and perhaps not quite as existential as Hamlet’s similar self-interrogation, it nonetheless gets at a critical dilemma facing any enterprise financial firm that uses compliance software: do you host the platform software and the data yourself—onsite, on your own servers—or do you let your vendor do the hosting at their facilities, completely offsite? You may already have strong feelings on the subject, but both options have advantages and disadvantages. As such, it’s a topic worth keeping  current on. Here’s a look at some of the latest thinking on the subject.


  • Ultimate Control—Hosting the compliance platform and all the data that goes along with it might help you sleep better at night. You can make your data fortress to your exact specifications. If data is the new currency, and thefts of that precious currency are on the rise, complete control has its advantages.
  • Ultimate Access—Your data is as handy as you could possibly want it to be, onsite and within your electronic reach at all times. There’s little to no delay in populating data or pulling reports. Troubleshooting is also made easier by physical proximity to your data and your platform. Sync speed matters.


  • Ultimate Responsibility—With great control comes great responsibility. Make that total responsibility. Hosting everything yourself means running all the servers: with all the partitioning, firewalling, and barricading that entails. It means not just keeping abreast of very specialized IT knowledge, but being able to  implement it as well. Hosting compliance software and all its attendant data can be like running a whole other business.
  • Challenging Upgrades—When your compliance platform is hosted offsite, at the vendor’s facilities, upgrades can be done quickly, easily, and frequently: anything from a patch to a major release. When your IT department is completely on the hook, these critical software upgrades can go completely undone, or happen far less frequently. In an almost constantly changing technological environment, both situations are highly undesirable.


  • Economies Of Scale—Companies whose job is Software as a Service, or SaaS, don’t just develop software, they design and build the infrastructure it runs on. This includes the capacity to host the data their software needs to interact with. Your data. And they can spend whatever it takes to have the biggest and best hosting facilities because they’re going to have a multitude of clients to help them pay for it. 

    You benefit from these economies of scale. That is, you’d never—by yourself, in-house—be able to afford and build hosting infrastructure like a company whose livelihood depends on it.

  • Easier Collaboration—It’s all well and good to have your data and corresponding software housed onsite, if you’re only doing your work onsite. For businesses that operate nationally or globally, you’re going to have to be able to network with offices in far-flung and possibly remote locations, or with employees operating on the road with only a laptop, smartphone, and cell or Wi-Fi connection at their disposal. 

    Again, compliance software vendors build IT infrastructure as part of their professional remit, and know how to build not just secure offsite hosting facilities but how to link them both securely and with optimal sync speeds. Increased collaboration is a benefit of this. Offsite hosting, with numerous clients all using the same data center, also means a net reduction in energy output for climate control. This is better for the environment, helps your business project an environmentally sound image, and is one less bill your firm needs to pay.


  • Third-Party Risk—Do you have trust issues? If so, you may have a hard time trusting your compliance vendor with the precious data your customers have entrusted you with, as well as your own data, which you’ve no doubt spent years accumulating. And if that data is financial, you and your clients may see it as all the more frightening not to have it in your direct care. Anytime you employ a third-party vendor, you take on some risk. Vett all vendors thoroughly.

The world is getting more and more comfortable with the idea of streaming data, of moving it around great distances virtually. The world is also getting more and more comfortable with the idea of all that data being stored in this amorphous thing called the cloud which, of course, isn’t amorphous at all.

For a compliance software vendor, the cloud is banks and banks of high-end, heavy-duty servers. Maybe in unmarked buildings halfway in the middle of nowhere. Protected with crash barriers, state-prison level fencing, security guards, and biometric access controls. All locked away in cages, in buildings kept at optimum temperature and humidity levels and equipped with fire-suppression systems.

And that’s just the physical security. In the servers themselves are firewall after firewall. Hypervisors allow for near instantaneous backup in the event of an issue. Ringfencing keeps all this humming machinery, and the data and software contained therein, far away from the benign and not so benign goings-on of the always active worldwide web. Finally, a good compliance vendor will have business continuity plans in place, and regularly conduct drills and disaster simulations to make sure it’s on top of its game and can respond speedily and with utter confidence if a real situation arises.

A recent survey of large companies by Goldman Sachs found more and more of them are shifting their computing work from onsite data centers onto cloud-based data centers. 18% of workloads are currently running in public clouds. That share is expected to increase to 34% by the end of next year. In the end, if compliance software vendors aren’t good at what they do, which includes keeping client data safe, they won’t be in business for very long. Data makes the world go round. Keeping it close-by may seem the only completely safe and sane option in a fast-moving digital world, but once upon a time so did paying all your bills through the mail.