Cloud GRC software vs on-premise GRC software

When selecting a new governance, risk and compliance software solution, one important decision you will need to make is whether you will be hosting your system in the cloud or on-premise. 

Cloud-based GRC systems have become much more popular in recent years - especially among small and medium sized businesses - but there are many reasons why you may decide a traditional, on-premise system is better for you.  

Qualsys can actually offer you 3 options: cloud-based software, on-premise or a hybrid deployment. Hybrid means cloud GRC software can be hosted on your private servers if you choose. 

To help you to make an informed decision, this article shares with you key considerations. 

 

 Chris w 1.jpg

 

Security 

 

The most frequently asked question we usually get asked is:

"Which is the most secure option?" 

Our systems are all hosted in an ISO 27001 data centre, and we have never had a major information security incident. 

In 2019, Qualsys passed our own ISO 27001 audit with zero non-conformances.

Qualsys's cloud hosted system provides you with: 

  • High availability firewall
  • Anti-virus protection for file servers 
  • Managed to PCI DSS standard
  • Back-ups every 15 minutes 

 

In short: on-premise security depends on your own server set-up.

Cloud-based security is guaranteed by a certified and secure hosting system.

 

Costs 

 

Hosting1.png

 

The initial costs for on-premise are usually higher as you'll need to invest in a Virtual Machine (VM) or a physical server. The minimum server specification for our software:

  • Microsoft Windows 2008 Server/Windows 2012 Server
  • Microsoft Internet Information Server (IIS)
  • Windows Search Service
  • Microsoft SQL 2008 server or higher
  • Recommended 8 GB or higher
  • minimum Intel Xeon 2.4GHz processor or higher
  • A full EQMS system installation requires 1.5GB disk storage with no documents or data loaded
  • Recommended 100GB of disc space for document storage with room for expansion.

 

You'll also need to ensure you have allocated resource for internal IT time and system maintenance. 

Hosting with Qualsys's cloud solution starts from £120 per month and all of the technical work is completed for you with very little resource required from your internal technical teams. 

Cloud upgrades, support and patches are also taken care of by Qualsys, meaning less time expenditure on your part.

 

Time to set up

 

For client server systems, we usually recommend allocating 2 days of internal resource to install the software. 

For systems hosted with Qualsys, it takes 1.5 days to install a UAT and live system. 

 

Support and help

 

Whether you have a cloud-hosted system by Qualsys or opt for on-premise, you'll still be entitled to an upgrade every year. These upgrades can be completed remotely. 

 

Accessibility 

 

Both systems can be made available via browser (Firefox, Chrome etc) from any web enabled device, including smartphone and tablet applications (iOS and Android).

Our software has passed stringent speed tests. 

 

Mobile auditing software


 

Need more information about our hosting or technical information? 

 

Talk to a domain expert or schedule a call when you are next available.

Alternatively, read more about our technical product features by downloading our datasheets.

 

GRC Software datasheets

 

Topics: Software, Implementing EQMS, Engagement, Software Procurement

Share your thoughts on this article