In-Depth Perspective – Demystifying Software as a Service Part 2

As more and more vendors come to the market with SaaS based solutions it is becoming critical for organisations to understand the pros and cons of each approach – including traditional On-Premise. These technology investments are not short term; despite the rental SaaS model, any technology change causes massive business upheaval and impacts user productivity. The wrong decision can be catastrophic.

In the second part of this series, Toby Conibear, European Business Development Director, Bond International Software, explores the key points to consider when choosing SaaS in order to ensure it is correct for the enterprise, secure and ultimately improves on the existing process.

1.     How Secure is the Data?

The number one question regarding SaaS is always data security. With SaaS, the major security and privacy responsibility is shouldered by the vendor. Ask the vendor about where the application is hosted and how the data centre is secured; and what utilities are available in the application to monitor users’ interaction with the system. As a standard industry practice every SaaS provider goes for backup and replication of data for failover support.

For business critical systems the vendor should regularly penetration test both software and infrastructure. The tests should be current, within the last year, and clearly the results should be positive. Depending on the client base there may be a requirement to adhere to specific security standards. Ask to see the results of these tests. 

2.     Data Location & Ownership

There are some countries/geographies whose laws prohibit the storage or transfer of data beyond a certain geographical boundary, so it essential to be aware of the law in any country of operation. Both the European Union and US are very specific about privacy and security of certain types of data. It is essential to learn more about US-EU Safe Harbour and EU model clauses and certainly never take it for granted that the data will be stored in the same country.

3.     Service Level Agreement Options 

Generally a SaaS vendor offers 99.9% uptime to address the general quality of service – and in many cases this is predefined and non-negotiable, certainly under a Multi-tenant model. This can be a problem for medium to larger scale organisations that have a specific set of requirements to be met. With the larger recruitment companies estimating downtime costs of £2,500 per minute for business critical systems such as the front-end recruitment CRM, a generic SLA is often not going to be good enough.  In this case, the Single-tenant model can be more flexible, allowing the SaaS vendor to tailor the SLA to meet the needs of each organisation.

4.     Vendor Maturity

In a market full of new players, due diligence is ever more essential. And that means looking at the vendor’s product roadmap as well as underlying funding. There is some concern regarding the long term commitment of the Venture Capital (VC) firms that are supporting many of the SaaS-only vendors in the market; as well as growing awareness that valuing these businesses purely on the numbers of subscriptions does not add up in the long term, creating a potentially flawed business model. With a VC’s primary focus on gaining a short term return on investment, this can create an aggressive and unbeneficial work ethic for the company – and create a high risk business partner. An in depth assessment of product and vendor stability is key to minimise risk and ensure that product development will continue.

5.     Strategic Direction

There are any number of factors that will influence an organisation’s decision to move from On-Premise to the cloud. If the company is global and there is a desire to share data from a single system, SaaS can be great. However if offices are in locations where internet access is limited or unreliable it can be a disaster.

Staff readiness is also an issue. If the existing infrastructure is supported and maintained in house, what is the migration plan? What will happen to the business divisions that currently perform this function? And if some applications, such as finance, are set to remain On-Premise, how much cost can be released by consolidating the infrastructure?

Conclusion

The way the software is delivered to the business has become increasingly important in recent years – and without doubt the popularity of the SaaS model will continue to grow. It offers a host of benefits from both a cost and IT resource perspective; and it enables a company to focus on its core skills, namely recruitment, and leave the IT to someone else! But it will never suit every organisation – especially those with highly sensitive data that will always prefer to retain control with an On-Premise deployment.

Whatever route the business takes, it is essential not to get shanghaied by the entire deployment methodology debate at the expense of the quality of the software. This is an investment in technology that drives the business – there is no room for mistakes. Choice is essential: should the software vendor be dictating the way the business deploys its IT strategy?

A vendor that can offer a fully functional, robust solution that can be deployed to suit specific business requirements – On-Premise, SaaS Single-tenant or Multi-tenant – delivers the breadth of options required to truly get the best, long term solution for the business.