October 31, 2014 | Written by: Frank Bauerle
Share this post:
Earlier this year, there was an excellent post on Thoughts on Cloud that debunked three common myths associated with software as a service (SaaS).
After reading the post, I thought it would be useful to address three additional myths that I’ve had to deal with in my work with the different SaaS products and teams in the IBM Business Analytics organization.
Myth: If it’s not multitenant, it’s not SaaS
There are those who believe that without a multitenant solution, you cannot have an effective SaaS offering.
Are there efficiencies and economies that can be realized in a multitenant SaaS offering that a single-tenant offering cannot provide? Absolutely. Hardware can be shared, which means the offering can be more cost competitive in the marketplace. A multitenant environment is simpler to manage because there are less moving parts to fail. There is less to support from an operations standpoint.
But are there reasons for deploying your SaaS offering as a single-tenant solution? Of course:
- Regulated workloads: When assessing your compliance with regulatory requirements, shared environments are frowned upon. Co-locating or co-mingling data from multiple clients is a no-no.
- Strategic decision to get your product into the market: When you introduce your SaaS offering to the marketplace, it may be more cost effective to deploy and offer your solution in its current incarnation and later look at how you can refactor your product.
- High demands on infrastructure: Complex SaaS offerings that place high demands on infrastructure (for example, an application that has high input/output requirements) may be better served by provisioning and operating a single-tenant solution. You don’t have to deal as much with noisy neighbors as in a multitenant solution.
Myth: Security is a concern for SaaS offerings
Some companies believe that the cloud is just not secure. They just cannot believe that a cloud solution can be built to essentially the same security standards as if it were hosted in their own data center.
To phrase it succinctly, it’s just flat out untrue to say that SaaS cannot be secure.
Each SaaS product for business analytics that IBM supports must follow a standard implementation to make sure that the clients are provided a secure environment.
The IBM solution consists of:
• Highly available dedicated firewalls to protect and segregate components.
• Monitoring of the network and systems to ensure a secure environment. Alerts are captured and routed to an operations team responsible for managing and responding.
• IBM QRadar Security Intelligence Platform for collecting and analyzing system security logs, and Nessus scanning to help detect and assess networking threats.
• Leading anti-malware solutions that are centrally managed.
• IBM Endpoint Manager for patching and health checking.
• Data encryption applied to data in motion. Where required and requested, IBM will encrypt data at rest.
• Integration with client authentication models (through technologies such as SAML2.0) to provide clients with a stronger sense of security.
• Auditable processes for managing SaaS environments, whether it is managing privileged access to servers, performing maintenance, or onboarding and offboarding system administration.
• A stated goal to comply with SSAE16 for all SaaS offerings that are supported and hosted.
Myth: SaaS can’t be easily integrated into your enterprise
Some people think that SaaS can only be accessed as an application and that it is difficult if not impossible to integrate SaaS into their enterprise business processes.
In working with the various business analytics product teams, I have found this not to be the case.
Integration can be as simple as implementing single sign-on (SSO) capabilities to allow users to access the SaaS application as they would an on-premises application.
It can be as simple as integrating file transfer methods to allow multiple SaaS offerings to utilize the same shared or common SFTP services, which can reduce the time it takes the business to load its data into its SaaS instances.
It can also be as complex as integrating workflows between a client’s on-premises applications and the SaaS offering. I recently worked with a team that offered telecom expense management business process as a service (BPaaS). While it was sold as a SaaS offering, it was fundamentally an offering that required extensive customization that allowed a workflow to be tailored to support multiple integration points for the process of telecom expense records.
To learn more about what SaaS solutions IBM has to offer, visit the IBM Cloud marketplace.
What do you think? Leave a comment below or connect with me on Twitter @FRBauerle.