For IT departments drowning in complex and expensive software maintenance chores, the SaaS (Software as a Service) model promises to ease the burden dramatically. SaaS reduces complexity by outsourcing most of the infrastructure required to run software applications (to the software vendors themselves) and reduces costs by charging only for what is consumed.
While the vision sounds like utopia for IT departments and the people who fund them, SaaS is not a panacea. For the right computing applications it could be a Godsend, allowing companies to outsource non-core competencies and focus on what they do best. For other situations, it's a not a good idea. Fortunately, it's not an either/or choice. In the world of cloud computing (which includes SaaS, among other services), you can adopt a hybrid model in which some systems are outsourced and others are kept in-house.
SaaS is not a silver bullet. Although the model has several benefits, it also has a number of drawbacks. You need to carefully consider both before deciding whether SaaS is right for you.
- Less costly initial implementation. A SaaS vendor owns and operates the application software at an off-site location on its own hardware. The user accesses the software through a Web browser (or "thin client"), usually after downloading modest ‘run-time' software.
- Minimal capital expenditures for application implementation. Software expenditure becomes primarily a "variable cost."
- Low barriers to entry and quick access to a growing range of applications. No major software implementation effort required.
- Reduced risk of cost and time over-runs since implementation effort is negligible.
- Reduced software and hardware maintenance costs. Less software hosted internally means less hardware required, which also translates into a reduced burden of patches and patch support complexity.
- Reduced IT staff. Outsourcing IT infrastructure and application support means lower IT staff costs.
- Redeployment of IT staff and tools on strategic technology projects that impact the enterprise's bottom line (core competencies).
- Pay only for what you use. Subscription or per-use licensing models eliminate the need to equip (and maintain) every device with every conceivable software application. Licenses are shared across the enterprise.
- Current licensing options permit licensing termination at will.
- SaaS vendors may have broader and deeper application experience than in-house IT staff.
- Key software systems are kept up to date, available and managed for performance by experts.
- Upgrades and enhancements are tested and delivered more frequently.
- By controlling and limiting use, SaaS vendors control all derivative versions of their software. This usually makes for a more coherent and seamless application.
- In most cases Saas offers improved reliability, availability, scalability and security of internal IT systems.
- SaaS vendor's service level agreement guarantees a certain level of service, which internal resources may not be able to match.
- Potentially more expensive over the long term, despite reduced upfront and maintenance costs.
- End users may cede control over critical business function(s).
- Vendor viability issues. Not many ASPs (Application Service Providers) survived the dot com bust; how will SaaS vendors fare?
- Changes in the SaaS market may result in changes in the type or level of service available to clients.
- Security and confidentiality issues may not be resolvable in certain situations (e.g., customer data in health care or financial services sectors), depending on how and where data is stored.
- Loss of Internet connection could mean no access to critical applications. This is mitigated by caching technologies (e.g., that allow you to continue working on the airplane without a connection) and by redundant online access (e.g., iPhones offering both WiFi and cellular network connections.)
- Customizability and extensibility of applications is controlled by the vendor. End users generally accept the application as provided since SaaS vendors can only afford a customized solution for the largest clients.
- Integration with the end user's non-SaaS systems may be difficult.
- Vendor lock-in. If SaaS vendors make it difficult to switch to other vendors' solutions, end users may be trapped with no leverage to contain costs or enhance functionality.
Solutions that are particularly suitable for SaaS are those that are standard across industries (horizontal) or across companies within a certain industry (vertical). For example, word-processing, expense-reporting, spreadsheet, email and online conferencing applications are standardized across industries and lend themselves to SaaS. Stock trading, medical billing and airline reservation services are examples of vertical solutions. SaaS could also work well for companies that need fast provisioning of IT capacity to reach time-to-market business goals, or if internal IT departments lack the skills or bandwidth to handle a particular task.
The Corporate Executive Board's Infrastructure Executive Council has come up with a list of factors to consider, also listed here, in weighing this decision:
- Strategy: Can provisioning via cloud enable competitive advantage (e.g., speed-to-market) for the enterprise?
- Capacity: Is the workload associated with this project highly variable, such that the cloud can provide an outlet for spikes in demand?
- Security: What is the strategic value/risk associated with data stored or processed in the cloud? How vulnerable is your own organization to security threats relative to cloud providers?
- Disaster Recovery: Can the cloud provider meet the RTO/RPO requirements associated with this project/application/data?
- Performance: What is the cloud provider's SLA commitment and track record in meeting that commitment? Are there resources available for performance monitoring? What impact will latency have on performance?
- Architecture & Integration: To what extent is the performance of this application/project dependent on integration with other applications or data? Will we have to customize the application to work in a cloud environment?
- Vendor Support: Does the cloud provider provide migration support, and support for service/performance issues?
- Vendor Compliance: Does the cloud provider meet all necessary regulatory requirements for this project/application/data? Are there comparable instances supported by the provider meeting the same requirements? Is the provider open to audit by an external agency?
- Vendor Health: Is the provider financially stable in a competitive market? Will you be compensated for performance shortfalls?