SaaS, or software-as-a-service, is application software hosted on the cloud and used over an internet connection via a web browser, mobile app or thin client. The SaaS provider is responsible for operating, managing and maintaining the software and the infrastructure on which it runs. The customer simply creates an account, pays a fee, and gets to work.
Some industry historians trace the origins of SaaS to the 1950s, when applications running on mainframes were delivered to remote terminals. But SaaS as we know it today began in 1999, when Salesforce launched its customer relationship management (CRM) system built from the ground up as cloud-hosted software delivered to web browsers.
Today SaaS is the most common public cloud computing service, and the dominant software delivery model. Much of the software that workforces use - from everyday tools like Slack (for messaging) and Dropbox (for file storage and sharing), to core business applications such as enterprise resource planning (ERP) and human resources/workforce optimization platforms—is delivered via the SaaS model. Compared to traditional software installed on premises, SaaS offers businesses of all sizes—from startups to giant global organizations—the benefits of rapid time-to-value, low-to-no management overhead, and predictable costs.
This popularity will continue to surge. Industry analyst Gartner forecasts worldwide SaaS software revenues to exceed USD 145 billion by the end of 2022 (link resides outside IBM); another analyst, International Data Corporation (IDC), projects the worldwide market for SaaS will grow to USD 302.1 billion by 2025.
SaaS takes advantage of cloud computing infrastructure and economies of scale to provide customers a more streamlined approach to adopting, using and paying for software. All SaaS applications share the following characteristics:
SaaS applications are built to be hosted on the cloud. The SaaS software vendor can host the application on its own cloud infrastructure or with a cloud service provider (such as Amazon Web Services (AWS), Google Cloud, IBM Cloud or Microsoft Azure). Hosting with an established cloud service provider enables the SaaS provider offer the scalability and global accessibility some customers may require.
SaaS applications are accessible to any customer with an internet connection and an internet-connected end-user device (e.g. a computer, mobile phone or tablet). SaaS applications typically run in any web browser; on mobile devices, SaaS applications may run more effectively on (or may require) a mobile or tablet app. A few SaaS applications, such as Adobe Acrobat, may offer or require a dedicated thin client that users download and install on their computers.
SaaS applications exploit multi-tenant architecture, in which a single instance of the application serves every customer. For security and data privacy, each customers’ application data, user data, system data and custom configurations are segregated from those of other customers.
Perhaps most important, SaaS applications require little to no management and zero maintenance from the customer. The SaaS vendor is responsible for
Many SaaS vendors also provide an application programming interface (API) their customers can use to integrate the SaaS application with other SaaS or traditional software applications.
SaaS applications are available in a wide variety of subscription pricing schemes—all of them very different from traditional software licensing, which provided access to the software and related services for a specified period of for a fixed price (or menu of fixed prices).
Free or ‘freemium’ pricing
Most SaaS vendors offer a free version of the software that customers can try for a short period of time, usually a week or a month. Typically these free trials offer access to all of the software’s features, but limit the number of times or extent to which those features can be used; some don’t even require a credit card.
Some SaaS companies offer ‘freemium’ versions of their applications: versions that are always free, with a limited but useful subset of the full products features—or that aren’t limited in any way, but that periodically display advertisements that the user must click away before continuing work. SaaS providers hope that freemium users will eventually graduate to a paid version of the software.
Monthly or annual tiered subscription pricing
For small and mid-sized businesses, SaaS products typically offer pricing ‘tiers’ based on feature set or usage level. For example, a SaaS email marketing solution may offer a ‘standard’ tier for up to 5,000 contacts for USD 250 per month, a ‘pro’ tier for up to 20,000 contacts for USD 500 per month, and an ‘business’ tier for 100,000 contacts plus landing page design and hosting for USD 600 per month. For very large companies SaaS vendors my offer an ‘enterprise’ tier that allows a more granular selection of features, priority support, special SLA terms, and even negotiable pricing.
Tiered pricing lets customers choose the best plan for their functional needs and their budget, and makes scalability as easy as moving up to the next tier. Most tiered subscription pricing offers a discount to customers who pay for an entire year at once, and pro-rated price adjustment for customers who change tiers mid-subscription.
The benefits and advantages of SaaS are best understood in comparison to traditional software - software installed and managed on on-premises infrastructure:
Despite its advantages, SaaS does introduce potential risks and challenges that customers, particularly enterprise customers, need to be aware of.
Because SaaS apps are so easy for users to start using, they can proliferate an organization without the IT staff’s knowledge. This phenomenon, called ‘shadow IT,’ can pose security risks. At a basic level, if IT staffers don’t know what software users are using, they can’t ensure the software is secure. Shadow IT can also exacerbate existing bad security practices—such as using the same password for even more applications—and consequently increase the organization’s overall vulnerability to attackers.
Another potential risk is vendor lock-in, or difficulty moving to another SaaS vendor when the current vendor’s application no longer meets the customer’s performance, functionality or business requirements. For example, if a SaaS application relies on proprietary business logic or a proprietary technology stack, it may be difficult or impossible to move from that SaaS application to another without making significant trade-offs.
SaaS, PaaS and IaaS are the three primary ‘as a service’ computing models offered by cloud service providers. Each appeals to a different kind of cloud computing customer, and off-loads a different degree of IT management to the cloud service provider.
SaaS, as discussed in detail above, is for customers who want to purchase and use a ready-made, cloud-hosted software application via internet connection. SaaS offloads all software development and infrastructure management to the cloud service provider.
PaaS, or platform-as-a-service, provides a complete, fully-managed cloud-hosted platform—hardware, software, development tools and infrastructure—via internet connection for customers who want to develop their own applications. PaaS enables software development teams to build, test, deploy run, update and scale applications more quickly and inexpensively than they could if they had to build out and manage their own platform on-premises.
IaaS, or infrastructure-as-a-service, provides on-demand access to cloud-hosted compute, network, and storage resources on a pay-as-you-go basis. IaaS is for customers who want in-house control over their applications and platform but want to scale and shrink infrastructure resources as-needed—instead of paying the high price of building and managing an on-premises data center with the capacity accommodate highly variable or ‘spiky’ workloads.