This is part one of a three-part series on Software as Service from Barney Beal, news director at SearchCRM.com.
TABLE OF CONTENTS
• Software as a Service: Working with Web-based apps
• What constitutes Software as a Service?
• Tackling Software as a Service integration issues
• Everyday challenges and the future of Software as a Service
The market and diversity of Software as a Service (SaaS) applications continues to expand, particularly for enterprise resource planning (ERP) applications. NetSuite, a SaaS-based vendor backed by Oracle CEO Larry Ellison, has for years boasted a full ERP, CRM and e-commerce suite, and recently Coda, a U.K.-based ERP software vendor, rebuilt its ERP application to run as a service on the Salesforce.com platform.
Even SAP, a longtime critic of the SaaS model, has ventured into the SaaS waters, albeit with mixed results. Two years ago, with much fanfare, it announced it would create a full Software as a Service ERP suite for the midmarket, only to scale back the project when it had difficulty making the business profitable.
Supplier relationship management applications have also garnered SaaS interest. Last year, General Electric Co. entered into a partnership with Aravo Solutions Inc. to manage its 500,000 suppliers.
What is SaaS…and what isn't?
But as the diversity of SaaS-based applications grows and more vendors, both startups and established technology vendors, enter the market, the confusion concerning what is and isn't SaaS has also increased.
Most SaaS applications are offered via a multi-tenancy model. In fact, some insist that to be true Software as a Service, an application has to be multi-tenant (i.e., run on a shared database and server, thereby producing economies of scale and simplifying tasks such as upgrades). Several emerging offerings, however, blur this line.
Oracle, for example, offers a single-tenant option for its CRM On Demand product. It provides a dedicated database, middleware and application instance for each customer. According to Oracle, the option offers customers that need more control over their data, such as financial services companies and health organizations, along with better compliance controls and flexibility of upgrade schedules. Oracle also offers an option called At Customer, where Oracle builds and maintains the application but it is housed in a customer's own data center.
When SAP first released a SaaS CRM application to help it compete with Salesforce.com, which was siphoning off its customers, SAP similarly touted the advantages of what it called "isolated tenancy." Isolated tenancy and the subsequent "mega-tenancy" took advantage of the scale of multi-tenancy while maintaining separate application instances for each customer, according to the company.
When it first unveiled Business ByDesign, SAP characterized the application as isolated tenancy. Yet just seven months after it outlined its plans for Business ByDesign, SAP declared it would scale back development of the product given "customer feedback." SAP is now developing a multi-tenant version.
Just who is sparking this SaaS confusion?
These large application vendors are responsible for much of the confusion about what constitutes SaaS, according to Gartner's Ben Pring.
"I think the incumbents -- the big software companies that for the last few years have been ambivalent about how to react to this -- have done a good job of confusing [the issue] and drawing customers to their solution and away from lower price points," Pring said.
"It's becoming so confused that they're basically able to draw the string out of that competitive threat and get people to stay within their camp by saying, 'We've got SaaS,' when in reality it's just a hosted offering," Pring added. "You're transferring the management cost to them."
So while SaaS buyers should pay careful attention to the architecture of SaaS vendors, several other considerations tend to weigh more heavily in the decision to use Software as a Service applications.
Software as a Service and security
Since SaaS applications emerged on the market, companies have expressed concerns about the security risks of a provider housing its data off-site and accessible via the Web. But as companies realize that established SaaS vendors have security controls that are far more stringent than their own, early concerns about SaaS security have largely been alleviated.
But as SaaS moves further into the enterprise and IT shops take a greater interest in the delivery model, security has re-emerged as an issue.
"The vast majority of SaaS buyers so far have been business people rather than IT," Pring said. "Business, if they see the VeriSign logo on the site, that's good enough for them. It's the technology people who throw up their hands in horror and say there's more to it than that."
Larger enterprises jumping on the SaaS bandwagon have helped reassure buyers as well. Siemens, a heavy SAP user, recently agreed to a 420,000-user deployment of SuccessFactors HR. The Japan Post rolled out Salesforce.com CRM to 45,000 users at post offices across Japan. Along with major corporations expressing faith in SaaS, companies have realized that SaaS vendors often have more expertise in managing applications than they do themselves.
"Along those lines, one of the key things we see with disaster recovery is companies considering how that relates to the alternative," said Liz Herbert, a senior analyst at Cambridge, Mass.-based Forrester Research Inc.
One Forrester client, for example, had researched a SaaS application for IT management and pushed for a 24-hour disaster recovery window. But when the vendor asked about the company's own window, it was 72 hours. "When considering what they demand internally and from IT, it gives them perspective," Herbert said.
SaaS concerns beyond security
In fact, a survey last year of 318 organizations that had implemented SaaS by the Midvale, Utah-based Burton Group found two other factors -- connectivity and customization -- were much more significant than information security breaches. Among respondents, 45% had experienced poor connectivity over the past two years and 35% of respondents cited limited ability to customize an application.
As companies consider their SaaS options, however, security does remain an issue.
"If it's something we want to get up and running quickly we use hosted. But if we have security and privacy issues or need more customization, we tend to look more in-house," said Martin Ross, vice president of technology for Healthscreen Solutions Inc., a Toronto-based company that provides billing, electronic medical records, and scheduling products and services to doctors in Canada.
Healthscreen runs its sales operations on SugarCRM, a commercial open source CRM system and uses Google Apps for email and calendaring.
"In general, there's no question hosted is a lot cheaper to maintain and deal with, so whenever possible, we try to go with hosted as the default," Ross said.
Naturally, some applications are easier to make the case for SaaS. Inverness Medical Innovations Inc. was one of the first customers of Workday, a SaaS-based human resources application.
"Payroll and financials probably feel there's a lot more at risk, where in HR it was functionality and privacy that are the main things," said Kristin Ferrara, an associate director of HRMS at Inverness. "Of all the departments, we were the ones who could take the risk first."
ABOUT THE AUTHOR:
Barney Beal is the news director at SearchCRM.com. Write to him at email@example.com.
Editors' note: This chapter on Software as a Service is the third part of an e-book on cloud computing that also includes chapters on CIO strategies for the cloud, development for the cloud and Infrastructure as a Service.
This was first published in August 2010