Hosting the database outside of premise systems in saas environment comes with security risks. There should be protocols setup for every storage mechanism to handle the situations of breach of penetration which could result in data leak. Educating the team involved on the importance of security is the first step to start with, Few considerations that can be taken up has been listed based on my experience. Firstly the servers used for hosting should be reliable with latest security patches available. Most of the providers are quick to patch and prevent any recent penetration attacks on other servers. In case of web application, deploy the database on a different server with private IP and access to it should be limited with fewer individuals from local machines. The passwords used should be strong and default udp/tcp ports should not be used to reduce predictability by bots when connecting to database. Setting of HTTPS server would help to provide an extra layer of security as any r