What is software as a service (SaaS)?
Software as a service (SaaS) is a cloud-based software delivery model in which providers host applications and make them available to users over the internet. SaaS users typically access applications by using a web browser or app.
The SaaS provider is responsible for operating, managing and maintaining the software and the infrastructure on which it runs. The customer simply creates an account, pays a fee and accesses the software.
Some industry historians trace the origins of SaaS to the 1950s, when applications running on mainframes were delivered to remote terminals. But SaaS as we know it today began in 1999, when Salesforce launched its customer relationship management (CRM) system as cloud-hosted software delivered to web browsers.
Today SaaS is the most common public cloud computing service and the dominant software delivery model. Much of the software that workforces use—from everyday tools like Slack (for messaging) and Dropbox (for file storage and sharing), to core business applications such as enterprise resource planning (ERP), human resources and workforce optimization platforms—is delivered using the SaaS model.
Large and enterprise-sized businesses (those with more than 5,000 employees) used an average of 131 SaaS application in 2024.1 Industry analysts estimated the global market size of SaaS applications at nearly USD 400 billion (USD 399.1 billion) in 2024, with the market expected to grow to USD 819.23 billion by 2030.2
Compared to traditional software, SaaS offers businesses of all sizes—from startups to massive global organizations—ease of access, faster time-to-value, reduced management expenses and predictable costs.
Industry newsletter
The latest tech news, backed by expert insights
Stay up to date on the most important—and intriguing—industry trends on AI, automation, data and beyond with the Think newsletter. See the IBM Privacy Statement.
Your subscription will be delivered in English. You will find an unsubscribe link in every newsletter. You can manage your subscriptions or unsubscribe here. Refer to our IBM Privacy Statement for more information.
SaaS takes advantage of cloud computing infrastructure and economies of scale to provide customers a more streamlined approach to adopting, using and paying for software. All SaaS applications share these characteristics:
SaaS applications are built to be hosted on the cloud. SaaS software vendors can host application on their own cloud infrastructure or with a cloud service provider. Hosting with an established provider can help businesses achieve greater scalability and global accessibility.
SaaS applications are accessible to any customer with an internet connection and an internet-connected user device. SaaS applications typically run in any web browser and on any computer or mobile device, but they often run more effectively on mobile phones and tablets. And in some instances, SaaS applications can offer or require a dedicated thin client, a lightweight computing device that runs remotely on resources stored on a central server.
SaaS applications use multi-tenant architecture, where a single instance of a software application (and its underlying database and hardware) serves multiple tenants (or user accounts). To maintain data security and privacy, each tenant’s application data, user data, system data and custom configurations are segregated from those of other customers.
SaaS applications require little to no management and zero maintenance from the customer. The SaaS vendor is responsible for provisioning, managing and maintaining all the servers and infrastructure required to run the application, and for applying feature upgrades and security patches when necessary. They provide load balancing and data backup features, infrastructure redundancies, and disaster recovery services to prevent outages and meet service level agreements (SLAs).
Many SaaS vendors also provide application programming interfaces (APIs) their customers can use to integrate the SaaS app with other SaaS or traditional software applications.
Cloud computing refers to on-demand access to computing resources—physical or virtual servers, data storage, networking capabilities, application development tools, software, AI-powered analytic platforms and more—over the internet.
Cloud computing provides a broad framework for delivering a range of IT resources and web-based services, and SaaS is a specific subset of cloud computing. While SaaS focuses specifically on delivering software applications, cloud computing also includes other service models, such as infrastructure as a service (IaaS)—which provides on-demand access to infrastructure and networking resources—and platform as a service (PaaS)—which offers cloud-based environments for developing and testing software.
Furthermore, cloud services can be used independently of each other. Businesses choose to adopt PaaS without adopting IaaS or to adopt SaaS without relying on IaaS or PaaS solutions. However, SaaS cannot exist without the underlying cloud infrastructure that hosts and delivers the software to users, so cloud computing services are essential to SaaS applications.
Though many enterprises opt to use all three cloud service models, each model is designed for different customer needs and gives varying levels of IT responsibility to the provider.
IaaS
Infrastructure as a service (IaaS) offers a cloud-based alternative to on-premises computing infrastructure, delivering physical and virtual computing resources (hosted in data centers by IaaS providers) to users.
IaaS is a versatile solution suitable for organizations of any size. It gives businesses complete control over their IT infrastructures, while providing a flexible, scalable data center solution that can expand or contract as business needs evolve.
However, IaaS is the most hands-on of the three models. It supplies only the basic infrastructure. IT teams are still responsible for managing operating systems, applications, middleware and runtime environments. Compared to the other models, IaaS provides fewer preconfigured components, so even skilled IT teams can find the workload and associated costs extensive, if they aren’t equipped to handle the additional management responsibilities.
Let’s say that an organization wants to deliver a customer relationship management (CRM) application to consumers. Using IaaS, developers can build out the backend IT infrastructure on the cloud and then use the custom infrastructure to create its own development platform and application. The IT team would have full control over OSs and server configurations, but they would also bear the burden of managing and maintaining them, along with the development platform and the application.
But, just like other as-a-service solutions, IaaS can be appealing to companies wanting to move away from the demands of managing on-premises hardware.
IaaS’s pay-as-you-go pricing model (currently the most popular pricing model for IaaS) can accommodate organizations with a range of budgets. And for businesses with unpredictable workloads or startups undergoing rapid growth, the customizability of IaaS services can prove ideal, especially if their IT departments lack the resources for major infrastructure investments.
PaaS
Platform as a service (PaaS) provides a cloud-based platform for developing, running, managing applications.
PaaS acts as the middle layer in the cloud computing stack, bridging the gap between IaaS and SaaS. It combines the flexibility and customization options of IaaS with the streamlined workflows and rapid deployment benefits of SaaS, making it the most efficient and cost-effective option for developers building custom applications.
PaaS builds upon the IaaS model by not only providing the basic infrastructure but also offering managed OSs, middleware and runtime environments. These resources make it easier for developers to deploy applications and build CI/CD pipelines, but they also limit customization options and user control over the environment.
Staying with the CRM example, developers can use PaaS to build a custom CRM application. In this case, the company offloads infrastructure and development resource management to the service provider, and the business retains control over application features. But the business also assumes responsibility for managing the application and its associated data.
Nonetheless, PaaS platforms are essential for managing enterprise-level software development practices. They relieve developers from routine tasks (such as code integration and database management), but they still enable innovation and app customization—a level of flexibility not available with SaaS.
Generally, PaaS is best suited for companies seeking a comprehensive development environment and for geographically dispersed teams operating across platforms and regions. It can also be helpful for businesses working with limited IT budgets, since PaaS enables teams to build apps without the significant costs that can come with creating in-house development platforms.
SaaS
With SaaS, the cloud provider handles everything from application development to infrastructure maintenance. Users simply access the application using a web browser, without needing to install or maintain anything and without restrictions on device type or location. While the user can configure certain settings and manage permissions, the SaaS provider handles all aspects of maintenance, security and updates.
SaaS applications are best suited for businesses seeking ready-to-use software applications that function reliably with minimal effort on their part.
For example, let's consider a calendar application. Users want the ability to add events, meetings and appointments without the hassle of configuring settings or worrying about keeping the software updated. If a server fails due to a misconfiguration or a security breach, users expect the SaaS provider to address the issue and restore their access to the application (ideally without service disruptions).
Many of today’s software apps are SaaS applications, including entertainment platforms (such as Netflix and Spotify), email and communication tools (such as Slack and Gmail) and project management tools (such as Salesforce and HubSpot).
However, the convenience of SaaS comes with tradeoffs. Users have little to no administrative control or ability to customize the software, and integration options can be limited. Using SaaS also means that the user doesn’t own the software. The provider retains control over the platform and your data, which limits user oversight.
Let’s revisit the CRM example. In this case, the business would select a ready-made SaaS CRM solution, offloading all day-to-day management but relinquishing control (over features and functionality, data storage, user access and security) to the cloud provider.
If a business requires greater control or customization, PaaS or IaaS paired with proprietary software might be better options. But because SaaS apps are easy to deploy and require no minimal setup, they’re still a favorite among enterprises that rely on distributed and remote teams.
Model as a service (MaaS) delivers pre-trained, cloud-hosted machine learning (ML) and artificial intelligence (AI) models to users through APIs. It enables businesses to continuously integrate up-to-date ML models and AI technology into their applications, so they can leverage ML without expending the financial and human resources it takes to build and train models from the ground up.
MaaS solutions help developers automate and optimize tasks such as anomaly detection, speech recognition, sentiment analysis and computer vision (which enables AI-enabled systems to “see” and derive meaningful information from visual inputs).
Though MaaS and SaaS are different in their purpose, MaaS tools can enhance the functionality of SaaS applications. Developers can use MaaS APIs to add ML-based features (such as personalized recommendations, chatbots and fraud detection) to SaaS programs. And because MaaS providers handle all the model updates and improvements, MaaS-enabled SaaS applications work with the latest ML advancements, and provide users with immediate access to the latest ML features.
Despite its advantages, SaaS does introduce potential risks and challenges that customers, particularly enterprise customers, need to be aware of.
SaaS apps’ ease of adoption and use can result in SaaS sprawl—the unchecked proliferation of SaaS applications within an organization. SaaS sprawl isn’t typically intentional. Rather, decentralized procurement and a lack of enterprise-wide guidance and policy can lead to bloated SaaS portfolios that waste money, complicate workflows and create data siloes.
Sprawling SaaS ecosystems also contribute to a phenomenon known as “shadow IT," where software applications are used on an enterprise network without the IT department’s approval, knowledge or oversight. Shadow IT can pose significant security risks.
If IT staffers don’t know what software users are using, they can’t ensure that the software is secure. Shadow IT exacerbates bad cloud security practices, such as using the same password for multiple applications, increasing the organization’s overall vulnerability to attackers.
SaaS applications also require businesses to relinquish control over data management. With other cloud computing models, users have more control over how customer data is stored, managed and secured, so teams can tailor their configurations to meet specific business and computing needs. The SaaS business model requires users to entrust their data—and the management thereof—to a third-party provider.
Another potential risk is vendor lock-in. SaaS apps can’t be moved to another vendor if the current vendor no longer meets the current vendor’s application no longer meets the customer’s performance, functionality or business requirements. Instead, the user must find a new app that serves the same purpose, which can be challenging in some cases.
The benefits and advantages of SaaS are best understood in comparison to traditional software—software installed and managed on on-premises infrastructure:
- SaaS provides faster—even instant—adoption and time-to-benefit. Customers can purchase and start using SaaS applications immediately, sometimes in minutes, for a minimal upfront cost (typically the first month’s subscription price). By comparison, traditional software might require purchasing and provisioning servers, installing software on every user device, and budgeting for and purchasing a full license for every user.
- SaaS provides access to new features and versions as soon as they’re available. SaaS providers upgrade features and add functions in real time, several times a week, often without customers even noticing. They can even upgrade the interface and user experience without disrupting the customers’ work. With traditional on-premises software, frequent upgrades are so costly and disruptive that customers might wait months for the feature to appear in a new version (if they don’t choose to skip some upgrades altogether).
- SaaS enables cost-effective, on-demand scalability. Customers can scale SaaS applications up and down as needed, by simply upgrading or downgrading tiers or purchasing more capacity. Traditional software requires users to purchase more capacity in anticipation of usage spikes—capacity that often sits idle until it’s needed.
- SaaS offers predictable costs and dramatically lower overhead. With SaaS, there’s no need to budget for infrastructure to run the software on, for software upgrades (and the infrastructure to support them), or for in-house IT staff to install, upgrade and maintain the software. Most of the expenses go directly to software use.
SaaS applications are available in various subscription-based, pay-as-you-go pricing models that differ from traditional software licensing.
Traditional software relies on an ownership-based model. Users pay significant—but fixed—upfront costs (and perhaps an ongoing maintenance fee) for a perpetual license that provides to access software and related services for a specific period. This payment structure makes it difficult to scale or adjust software resources without repurchasing the application or applying significant upgrades.
SaaS applications use an access-based model, where users pay recurring fees for a subscription license that provides a specific number of resources or access to a specific set of features. SaaS providers offer flexible pricing that enables users to scale resources as their needs change. They include:
Flat-rate pricing
Flat-rate pricing is the most straightforward approach: one plan, one price. A flat-rate model provides access to all features for a single, fixed price. The user pays a monthly or annual fee for unlimited use, regardless of whether they use the service a little or a lot.
Flat-rate pricing models might alienate budget-conscious customers who feel the plan exceeds their budgetary constraints and business needs, but this model can be attractive for businesses seeking consistent, predictable SaaS pricing.
Usage-based pricing
Usage-based, or pay-as-you-go, pricing models allow customers to pay for SaaS access based to the resources they use. The more resources the customer needs, the more they pay for the service. For example, an email application might charge users based on the number of emails they send each month.
Usage-based models can make it difficult to consistently predict SaaS costs, but because usage-based SaaS models can scale with the user, so they’re a good option for a range of customer types.
Tiered pricing
SaaS vendors offer pricing “tiers” based on feature access, user count or resource usage. For example, a SaaS email marketing solution might offer a “standard” tier for up to 5,000 contacts for USD 250 per month, a “pro” tier for up to 20,000 contacts for USD 500 per month, and a “business” tier for 100,000 contacts plus landing page design and hosting for USD 600 per month.
For large companies, SaaS vendors might offer an “enterprise” tier that allows a more granular selection of features, priority support, special SLA terms and even negotiable pricing.
Tiered pricing lets customers choose the best plan for their functional needs and their budget and makes scalability as easy as moving up to the next tier. Most tiered subscription pricing offers a discount to customers who pay for an entire year at once, and a pro-rated price adjustment for customers who change tiers mid-subscription.
User-based pricing
User-based pricing models enable customers to pay “per seat” for SaaS access. Costs increase based on the number of users that need access to the application.
With user-based models, customers can see a clear, linear relationship between SaaS costs and value added, but this model can sometimes limit further adoption of the product. If the user doesn’t want to pay more, they might choose not to add more seats or to assign multiple users a single login.
Free or ‘freemium’ pricing
Most SaaS vendors offer a version of the software that customers can try for a short period of time (typically a week or a month) for no upfront cost. These no-cost trials allow users to access to all the software’s features but limit the number of times or the extent to which those features can be used.
Some SaaS companies offer ‘freemium’ versions of their applications. Freemium versions are always free. They offer a limited but useful subset of the full product’s features or unlimited features that periodically require users to view advertisements before continuing work.
The SaaS industry is undergoing rapid transformation, driven by emerging technologies and innovative delivery approaches. These advancements are not only improving the functionality and reach of SaaS products but are also redefining how businesses and end users interact with software. Some examples include:
SaaS providers are focusing on mobile-first development, a development strategy that prioritizes designing websites and apps for smaller screens (such as smartphones and tablets). Today, more and more users are accessing applications and completing everyday tasks on their mobile devices. Mobile-first development helps ensure that core app functions are optimized for mobile devices so that mobile users have the same seamless experience desktop users are accustomed to.
Modern SaaS providers are also turning to AI to deliver smarter, more efficient, more secure solutions. Predictive analytics is a standout feature, helping companies pinpoint and anticipate market trends, streamline operations and personalize the user experience. And providers are incorporating natural language processing (NLP)—which enables computers to understand and communicate with human language—into SaaS applications to make interfaces more intuitive and user-friendly.
SaaS companies are using AI technology to bolster app security and to move toward AI-driven security features (such as intelligent threat detection). For instance, some providers are using generative AI to map and secure API endpoints, which can number in the hundreds (or thousands) and create significant security risks. However, they’re also using other advanced tools to safeguard app and user data from cyberthreats.
Many businesses rely on a zero trust security posture to protect SaaS applications. Zero trust security takes a “never trust, always verify” approach instead of granting implicit trust to SaaS users. It relies on continuous verification and authentication protocols to secure connections between users, applications, devices and data.
This granular security approach helps address the cybersecurity risks posed by remote workers, hybrid cloud services, personally owned devices and other elements of today’s corporate networks. Providers are also increasingly reliant on automated compliance frameworks (which help ensure that SaaS security measures align with industry compliance standards) and identity and access management (IAM) tools (which protect digital identities and user access permissions so that only authorized users can access SaaS data).
Low-code and no-code platforms are democratizing SaaS application development, making it accessible to users with little or no programming experience. Using intuitive, visual interfaces, these platforms help non-technical users to build solutions independently, reducing the workload on IT departments.
SaaS providers are increasingly offering products—called vertical SaaS solutions—that deliver targeted features and help businesses solve niche problems right from the start. Unlike traditional SaaS offerings, vertical SaaS solutions are designed for specific industries to address unique challenges that horizontal (general-purpose) SaaS cannot.
For instance, healthcare SaaS platforms might include features that assess HIPAA compliance and manage electronic health records, while a construction-focused SaaS might provide specialized and supply chain optimization tools.
Micro-SaaS offerings are also increasingly common. Micro-SaaS solutions are highly targeted, ultra-niche applications that address specific market needs with compact, agile solutions. Typically developed and maintained by small teams or even solo entrepreneurs, micro-SaaS often integrates tightly with popular platforms (such as Shopify, Salesforce or Slack) to enhance their functionality.
A micro-SaaS application can, for example, integrate with marketing tools to optimize social media posts an improve impression metrics for a specific platform.
Resources
Transform data and services into seamless, connected experiences for everyone and everything.
Connect, automate, and break data silos to unlock innovation and speed with secure, unified integration.
Maximize hybrid cloud value in the agentic AI era. Accelerate transformation, modernize applications, and automate IT to drive efficiency, sustainability, and faster innovation.