Click here to close now.

Welcome!

Cloud Expo Authors: Pat Romanski, Elizabeth White, Liz McMillan, Bart Copeland, Carmen Gonzalez

Related Topics: Open Source, Cloud Expo, Security

Open Source: Blog Feed Post

The Top Five SaaS Risks and How to Mitigate Them

Business and technology leaders alike need to understand and balance both the benefits and the risks of SaaS

By Lonne Jaffe - You may have heard that cloud computing and Software-as-a-Service (SaaS) models can turn software technology into a pay-as-you-go utility that businesses can “plug in to” and use like electricity?

Perhaps — however, software technology is far more varied, nuanced and diverse than electricity. You don’t win customers by having better electricity than your competition. Software, by contrast, absolutely is a competitive differentiator for any business today. Companies in industries as varied as retail and finance use software at the very core of their value proposition to customers. It lets them deliver a variety of services to their customers, improve operational efficiencies, create new offerings and a lot more.

That’s not to downplay the business flexibility that SaaS can bring. Being able to “switch on” software and infrastructure delivered as a service for a metered fee can be an attractive alternative to having to build and manage your own IT environments.

However, as with all shiny new things in technology, buyer beware. Business and technology leaders alike need to understand and balance both the benefits and the risks of SaaS. With this in mind, here are five potential risks technology executives should consider about SaaS and some thoughts on how to manage them.

  1. SaaS Can Have Hidden Costs. The SaaS model typically involves pay-as-you-go, or term-based licensing, in which your organization pays monthly or annual fees based on some metrics (number of seats, number of queries, amount of data, etc.). There are certainly many situations in which this is more attractive than investing in servers, software licenses and IT manpower up front. The ability to keep cash on the balance sheet and to pay for software as it’s consumed (“by the drink,” as it were) can be helpful. For a growing business, the SaaS model lets you start small and scale up as the business becomes more successful over time. That said, don’t mistake this for “cheaper.” SaaS is not always cheaper, especially when factoring in the cost of learning and managing a new environment, and the often considerable effort of moving existing technology workloads onto a new SaaS platform. Make sure you consider all of these costs when you’re evaluating the total cost of ownership of a SaaS initiative.

  2. SaaS Can Introduce Bandwidth Issues. Moving to a cloud-based app can have a tremendous impact on your network infrastructure. There are circumstances where the data is so massive that it has a sort of “gravity” to it. The amount of data that can be transmitted over the Internet and the reliability of the network connections have improved dramatically, but it’s still difficult to move these large pools of data over the public Internet . Because of this, companies might find they need to have their compute power located physically close to the data to get the scalability and performance essential for high-profile, enterprise-grade systems.

  3. SaaS Can Accelerate the Rogue Cloud. SaaS can empower more tech-savvy business users, but it also encourages rogue software purchases. All it takes is a corporate credit card, and the business user is off and running with a new SaaS application, sometimes without consulting the technology leadership in the business. Of course, as my colleague Andi Mann has written about, this is not necessarily a bad thing and can be used to encourage skunk works innovation. But at the end of the day, the CIO remains responsible for the security, management and performance of the overall technology infrastructure. The breakdown in coordination caused by the rogue cloud adds complexity and risk to the job. I recommend investing in third-party software that helps CIOs: manage the performance of the SaaS applications; select ideal vendors based on price, performance, capability and quality of service; and secure the applications and data now seeping outside of the enterprise’s four walls.

  4. SaaS Requires a New Take on Security. The old perimeter model of walling off the data center to keep the bad guys out simply doesn’t work in a world where IT infrastructure and applications increasingly reside on public, private and hybrid clouds. When your data and compute power are scattered across the Internet, you can’t put a walled perimeter around it to keep it safe because there’s nothing concrete to put a wall around. A better paradigm: use “identity” as the new perimeter. Wherever data and applications reside, they can be locked down and secured using sophisticated identity and access management solutions that continuously evaluate and manage who is accessing systems and data. And advanced data-level encryption can be used to ensure that data— whether at rest or in motion— can’t be read by the bad guys.

  5. SaaS Has a Blindside. SaaS service providers do offer insight into the performance of their applications and platforms, but in many cases, their management capabilities are not good enough. As your organization increases its dependence on outside software resources, visibility into your technology environment’s performance could suffer. Look for management software that can help you monitor and proactively manage these critical SaaS applications across both cloud and non-cloud environments.

Businesses are reaping tremendous benefits from the use of SaaS services for a wide variety of applications, and the use of SaaS will only grow with time. Yes, it can be cheaper, faster, and more flexible than in-house implementations. But like everything else in life, SaaS is not without risks and needs a well-informed approach coupled with next-generation management and security software to ensure the benefits and mitigate the risks.

Read the original blog entry...

More Stories By Denise Dubie

Denise Dubie (@DDubie) is New Media Principal in CA Technologies Thought Leadership Group. She is charged with creating content relevant to today’s most pressing technology and business trends for industry leaders and IT professionals.

Prior to joining the company in 2010, Dubie spent 12 years of her career at Network World, an IDG company, covering the IT management industry and all of its players (including CA Technologies and its competitors) as well as high-tech careers, technology trends and vendors such as Cisco, HP, IBM and Microsoft. As Senior Editor at Network World, Dubie also authored the publication's twice-weekly Network and Systems Management Alert newsletter and contributed to the Web site's Microsoft Subnet blog. Before IDG, she served as Assistant Managing Editor at Application Development Trends, managing writers and the monthly publication's production process.

Dubie started her professional journalism career as a Staff Writer/Reporter at The Transcript, a small daily paper in Western Massachusetts.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
SYS-CON Events announced today that Gridstore™, the leader in hyper-converged infrastructure purpose-built to optimize Microsoft workloads, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Gridstore™ is the leader in hyper-converged infrastructure purpose-built for Microsoft workloads and designed to accelerate applications in virtualized environments. Gridstore’s hyper-converged infrastructure is the ...
Cryptography has become one of the most underappreciated, misunderstood components of technology. It’s too easy for salespeople to dismiss concerns with three letters that nobody wants to question. ‘Yes, of course, we use AES.’ But what exactly are you trusting to be the ultimate guardian of your data? Let’s face it – you probably don’t know. An organic, grass-fed Kobe steak is a far cry from a Big Mac, but they’re both beef, right? Not exactly. Crypto is the same way. The US government require...
of cloud, colocation, managed services and disaster recovery solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. TierPoint, LLC, is a leading national provider of information technology and data center services, including cloud, colocation, disaster recovery and managed IT services, with corporate headquarters in St. Louis, MO. TierPoint was formed through the strategic combination of some of t...
SYS-CON Events announced today Sematext Group, Inc., a Brooklyn-based Performance Monitoring and Log Management solution provider, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Sematext is a globally distributed organization that builds innovative Cloud and On Premises solutions for performance monitoring, alerting and anomaly detection (SPM), log management and analytics (Logsene), search analytics (S...
SYS-CON Events announced today that Stratoscale, the new data center operating system, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Based in Herzeliya, Israel, Stratoscale is redefining the data center, developing a hardware-agnostic, software platform hyper-converging compute, storage and networking across the rack or data center. The self-optimizing platform automatically distributes all physical...
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS soluti...
SYS-CON Media announced today that Blue Box as launched a popular blog feed on Cloud Computing Journal. Cloud Computing Journal aims to help open the eyes of Enterprise IT professionals to the economics and strategies that utility/cloud computing provides. Blue Box Cloud gives you unequaled agility, without the burden of designing, deploying and managing your own infrastructure. It’s the right choice when public cloud just won’t do. Blue Box Cloud is a managed Private Cloud as a Service (...
When an enterprise builds a hybrid IaaS cloud connecting its data center to one or more public clouds, security is often a major topic along with the other challenges involved. Security is closely intertwined with the networking choices made for the hybrid cloud. Traditional networking approaches for building a hybrid cloud try to kludge together the enterprise infrastructure with the public cloud. Consequently this approach requires risky, deep "surgery" including changes to firewalls, subnets...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading in...
MeriTalk, a public-private partnership focused on improving the outcomes of government IT, today announced the results of its new report, "The Agile Advantage: Can DevOps Move Cloud to the Fast Lane?" The study, underwritten by Accenture Federal Services, reveals that approximately two-thirds of Feds say DevOps will help agencies shift into the cloud fast lane - improving IT collaboration and migration speed. But help is needed, with 66 percent saying that their agency needs to move IT services ...
There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. 8th International Big Data Expo, co-located with 17th International Cloud Expo - to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA - has announced its Call for Papers is open. As advanced data storage, access and analytics technologies aimed at handling high-volume and/or fast moving data all move center stage, aided by the cloud computing bo...
Move from reactive to proactive cloud management in a heterogeneous cloud infrastructure. In his session at 16th Cloud Expo, Manoj Khabe, Innovative Solution-Focused Transformation Leader at Vicom Computer Services, Inc., will show how to replace a help desk-centric approach with an ITIL-based service model and service-centric CMDB that’s tightly integrated with an event and incident management platform. Learn how to expand the scope of operations management to service management. He will al...
Every day we read jaw-dropping stats on the explosion of data. We allocate significant resources to harness and better understand it. We build businesses around it. But we’ve only just begun. For big payoffs in Big Data, CIOs are turning to cognitive computing. Cognitive computing’s ability to securely extract insights, understand natural language, and get smarter each time it’s used is the next, logical step for Big Data.
Enterprises are fast realizing the importance of integrating SaaS/Cloud applications, API and on-premises data and processes, to unleash hidden value. This webinar explores how managers can use a Microservice-centric approach to aggressively tackle the unexpected new integration challenges posed by proliferation of cloud, mobile, social and big data projects. Industry analyst and SOA expert Jason Bloomberg will strip away the hype from microservices, and clearly identify their advantages and d...
DevOps Summit, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long developmen...
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the...
Over the years, a variety of methodologies have emerged in order to overcome the challenges related to project constraints. The successful use of each methodology seems highly context-dependent. However, communication seems to be the common denominator of the many challenges that project management methodologies intend to resolve. In this respect, Information and Communication Technologies (ICTs) can be viewed as powerful tools for managing projects. Few research papers have focused on the way...
As the world moves from DevOps to NoOps, application deployment to the cloud ought to become a lot simpler. However, applications have been architected with a much tighter coupling than it needs to be which makes deployment in different environments and migration between them harder. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, Netflix and so on is at the heart of CloudFoundry – a complete developer-oriented Platform as a Service (PaaS...
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises a...
High-performing enterprise Software Quality Assurance (SQA) teams validate systems that are ready for use - getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time - bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of E...