Software as a service (SaaS) is the oldest and most mature of all the cloud computing options and its adoption is continuing apace – in some areas of the business at least.
According to analyst firm Gartner, the global SaaS sector grew by 14.1 per cent last year to $8.5bn. This higher than average growth rate in an otherwise difficult market meant penetration levels rose to a total of 10 per cent across all enterprise application sectors, with the figure expected to increase to 16 per cent by 2014.
In fact, Ray Wang, chief executive and principal analyst of the Constellation Research Group, indicated that as many as 56 per cent of new purchases in 2010 were SaaS rather than on-premise, although the figure dropped to more like 36 per cent in licence value terms.
This discrepancy was because uptake was highest for low-cost commodity services such as email, and personal and business productivity tools such as Google Docs. CRM packages particularly for salesforce automation and marketing were also popular.
But Derek Kay, director of cloud services at Deloitte, pointed out that in many application areas, SaaS delivery models are simply not available as an option. “There’s still a fairly limited choice of applications that are truly sold and delivered as a service,” he said.
“In some areas, such as CRM, it’s pretty good. But there aren’t many ERP systems that will scale, which is an important factor, and once you look at industry verticals, you’ve got a very difficult menu choice.”
Nonetheless, awareness of the potential benefits of SaaS among C-level executives continues to mount as the industry’s marketing machine cranks up beyond its more traditional IT audience. This awareness means questions are starting to be raised about promised cost savings, ease of implementation and the ability to wind capacity up and down in line with business needs.
But rather than cave into executive pressure and rush in to cloud computing where angels fear to tread, it is essential that IT directors plan carefully for any change just as they would for more traditional software implementations. As a result, silicon.com has come up with four key questions that IT leaders should ask themselves before jumping in feet first.
Question 1. How can I manage the expectations of the business?
Before doing anything else, heads of IT have to establish a robust business case for adopting a SaaS delivery model, whether in terms of cutting costs or being able to provide new or improved services.
The idea is to understand where the model might fit comfortably into the organisation’s commercial and technical strategy, and to evaluate what value it could bring to the business without opening it up to undue risk.
Deloitte’s Kay said: “Managing the expectations of the business is important, even if you’re saying, ‘Yes, it’s the right thing to do, but not yet’, perhaps because you’ve just signed a five-year deal and it would be too expensive to get out of it. The problem is that…
It’s vital to have a plan B, which includes data recovery, and to know the cost of implementing it
…if you don’t control adoption, down the line you can end up with unpredictable costs if people move to SaaS by the back door and unpleasant surprises if data gets out.”
But one means of entering into a mature dialogue with the business about such issues is to undertake a three-month pilot project. Such a trial might comprise a small number of users in an area of the organisation that has expressed an interest and which might be inclined to go it alone, thereby bypassing IT department controls completely.
If successful initially, the trial could be broadened to encompass larger numbers of people, before evaluating the findings. At this point, the facts can be laid before the executive management team for a decision on whether to proceed.
Question 2. How do I ensure the business is not exposed to undue risk?
Because the stewardship of corporate information rests with IT leaders, they have to ensure it is protected using a suitable mixture of controls, governance and assurance, whether in relation to inhouse systems or SaaS delivery models.
As a result, it is important to undertake an upfront risk assessment and to devise a risk-management strategy to cope with any potential problems.
For example, an obvious risk in a SaaS context is that a third-party supplier could go bust, resulting in lost or inaccessible corporate data. So it’s crucial to undertake due diligence into the supplier to understand, focusing on its credibility and financial health.
If a provider does disappear, it is vital to have a plan B, which includes data recovery, and also to understand how much it would cost to implement. At the very least, the organisation’s disaster-recovery plans must be revised so it is clear what action should be taken if a SaaS vendor’s datacentre goes down, the network collapses or it cannot deliver promised levels of scalability and performance.
In this context, questions should also be asked upfront about resilience, average downtime, both planned and unplanned, and whether the mainly vanilla service-level agreements provided by suppliers are suitable.
Ian Jacobs, senior analyst of customer interaction at Ovum, said: “IT directors need to ask themselves how much availability they really need. Once they understand their own availability requirements, they can then make a judgement on average downtime and SLAs and whether they’re a good fit or not.”
But another means of mitigating risk is to request…
…the ability to audit data and security processes. Although many vendors will indicate that they comply with the US-based SAS 70 auditing standard, for some European organisations, this compliance will simply not be enough and they will need to send in their own people.
Question 3. What about hidden costs?
Although actually implementing a SaaS-based system may be quicker than deploying on-premise applications, the same planning and project disciplines apply. This fact means it is important to set aside budget to revamp business processes, particularly if it is not possible to customise the SaaS system in question to any great extent.
Although all too many organisations simply introduce SaaS technology without considering such matters, a good starting point is to “begin with the end in mind”, according to Constellation’s Wang.
This approach entails being clear about what value the system will bring to the business and using such information to “figure out what dashboards people will need and the information they’ll want to get out of them”.
The next step is to “work out the business processes that get you to that data and what departments touch that business process so you discover where you can make efficiencies. You can then start configuring the system”, Wang said.
But a further five to 10 per cent of the total licence cost should also be put by to undertake integration with core systems. Although third-party libraries from vendors such as Dell’s Boomi, Informatica and SnapLogic are now available, such software and any implementation work will still need to be paid for.
The same applies for all of the usual change-management and user-training activity, which also does not go away.
An additional consideration is that helpdesk staff may also require education and training if the IT organisation is still providing front-line support. Supplier-management skills could well be required for the first time along with guidance on how to deal with problem escalation when dealing with various third parties that do not necessarily work in tandem.
Question 4. What key licensing and upgrade considerations do I have to bear in mind?
Although one of the much touted benefits of SaaS is the ability to scale capacity up and down on a pay-as-you-go basis in line with business requirements, in reality many vendors do not have suitable licensing models to allow this scalability to happen, even though such activity may be technically feasible.
IT directors therefore need to ask themselves how much variation in demand their organisation actually experiences based on change requests and requests for new licences. But they should also ask potential SaaS providers what flexibility is built into their licensing agreements, whether they operate on a year-to-year, bi-annual or month-to-month basis and whether there is the option of adding or taking away seats during that period.
Another consideration is simply controlling the flow of new functions that are provided via upgrades. The issue here is that not all new features will be of use but may still require helpdesk support, which can lead to additional requirements for staff – and end-user – training. Large updates may also have knock-on effects on systems and processes elsewhere and could even necessitate change-management activity.
Ovum’s Jacobs said: “One of the highly touted benefits of SaaS is that it allows enterprises to get the latest and greatest technology in a seamless way, but it can also generate its own problems. IT directors have to figure out how much control a provider gives them over which features they turn on and off and how much of a time window they have to do so. It’s about seeing how much you can limit the flow of functions.”
Even if IT directors are given the flexibility to decide for themselves whether to switch new functionality on or off, it will still be necessary to introduce suitable governance structures to ensure that the process works smoothly, however.
- The Customer Edge Drives the Need for NaaS - June 25, 2023
- Blockchain Evolves And Secures - January 13, 2019
- Bessemer Ventures’ 2018 Cloud Computing Trends - February 25, 2018