713.864.4932 | Live Chat

  • Home
  • Company
  • Blog
  • Why SaaS Is No Longer The Pariah In The Enterprise

Elevology Blog

Why SaaS Is No Longer The Pariah In The Enterprise

Conventional wisdom has it that software as a service (SaaS) is the “insecure but convenient” alternative for IT solutions. However, increasingly sophisticated SaaS solutions and growing awareness of possible limitations with on-premises solutions are turning that conventional wisdom on its head: SaaS might very well be the more secure and enterprise-ready of the two alternatives for a wide class of IT solutions.

Before diving into specific comparisons of SaaS vs. on-premises alternatives, let’s review some common perceptions about SaaS:

Data loss: SaaS is more prone to loss of sensitive data Availability: The cloud has outages and critical services cannot be trusted to SaaS Governance and control: It is harder to lock down and control changes to a SaaS solution

Now, this is by no means an exhaustive list, but it certainly covers the top concerns. Let’s weigh each one and contrast SaaS against the alternative.

Digging Deeper Into Data-Loss

At first glance, it seems like a no-brainer that SaaS solutions have much greater potential for data loss, including:

Loss of sensitive customer information because the SaaS vendor got hacked Theft from a rogue employee at the SaaS vendor

While SaaS vendors attract a lot of negative publicity when they get hacked, that same attention drives them to much higher security standards than on-premises solutions, which have an almost laissez-faire attitude to security because they operate inside the firewall. Security-related loss tends to happen where it is least expected, which means these on-premises solutions actually present substantial risk to a customer organization.

There are several security auditing frameworks to help you understand the extent to which a SaaS solution has protected against data loss, including the well-regarded Cloud-Security-Alliance’s STAR assessment. These audits focus on the techniques SaaS solutions employ to minimize the risk and likelihood of data loss, including:

End-to end-encryption Stripping uniquely identifiable information to de-sensitize data Sharding data into small, uniquely encrypted buckets Enterprise key management to reduce the access of the data within the vendor organization or code Consistent security tests and penetration tests

Another factor to consider is that when IT uses multiple SaaS solutions in their environment, each solution has a dedicated security barrier, which makes it very difficult to compromise the environment in its entirety.

Comparing Service Availability

Conventional wisdom also tells us that SaaS solutions are more prone to outages and availability problems than on-premises solutions. Again, the reality is that SaaS providers tend to be doubly concerned about availability and implement better solutions to guarantee service levels as opposed to making it someone else’s problem.

Let’s dig in a little more to see if that is really the case.

Service availability: SaaS solutions deliver a service. On-premises solutions do not. Almost counter-intuitively, the SaaS provider worries about “the service level agreement (SLA)” from the get-go and designs and implements systems to deliver that SLA. On-premises solutions tend to be more cavalier (although there are always model citizens such as OS and hypervisor products) because the concept of an SLA is not something they are measured against. Instead, IT owns the SLA and if they didn’t configure replication or HA by following the 23-page instruction document to a tee, it isn’t the vendor’s fault. Network availability: Another question is whether dependency on a viable network creates a single-point-of-failure for SaaS solutions. Now, this concern has some merit — but how many organizations are productive when their network link to the internet is down? As all software everywhere is communicating via APIs, even on-premises solutions have developed dependencies on the network. For example, without a good network connection, time synchronization can break on servers which can cause SSL validation to fail, leading to all sorts of problems. Also, many organizations are distributed and have remote offices that can only communicate via the same network link.

Governance and Control

Some organizations are concerned about whether they can control the changes being applied to a SaaS solution and can review and approve / test these changes before accepting them. SaaS solutions, by their nature, abstract some of these changes from customer organizations — which is at once a benefit and a potential sticking point.

Now, there can be no debating that traditional on-premises solutions provide greater ability to lock-down the version of software, test it, and approve it for use.

Having said that, there is an inherent flaw in the notion that customers, particularly IT departments, should even be involved in the testing of software provided by their vendors. In an ideal world, their sole focus would be on accelerating innovation within their own business context, and they would trust their vendors to deliver quality software.

And that is exactly what SaaS does. Because SaaS providers understand their customers cannot control, audit, and test changes on their behalf, it makes it solely a SaaS provider’s responsibility to provide a seamless experience, regardless of how much testing that takes. SaaS providers have another big advantage: they service thousands, if not tens of thousands, of customers and have the insight to catch problems that a given customer might not yet know about, but could run into (“collective intelligence”).

In Summary

As someone who works for a SaaS company, I am admittedly biased. However, SaaS is clearly gaining massive traction within the enterprise, with no sign of weakening any time soon. Thinking beyond conventional wisdom about SaaS provides good food for thought about the trade-offs between SaaS and on-premises solutions, as well as some fuel for the next time you encounter this classic debate.

Making Multi-Vendor Cloud Management Easier
The Evolution of Software-Defined Data Centers

What our Clients are Saying

  • It has been such a pleasure to work with Elevology and especially its CEO, Donnie Rollins. From the very beginning, Donnie was so immersed in understanding our condo and our marketing needs. He was good about listenings and then suggesting and bouncing ideas off of us. As he took our conversations and tied them into reality, he truly captured the essence of who we are and where we wanted to go. We could not be more pleased with Donnie, with Elevology and with our new web site.
    Carol Loeb, President
    Sandcastle Council of Owners Association
  • My new look is Chic modern and mobile friendly.
    Charlotte Neal
    Houston Outcall Massage
  • Elevology offers great service and Donnie is always quick to answer any questions or concerns I have. I highly recommend them for your small business online services, they will not disappoint.
    Las Vegas
  • Our experience with Elevology has been of the utmost professionalism and quality. Mr. Rollins is a pleasure to work with. He promptly responds to our requests when changes are necessary to our web site. We highly recommend Elevology.
    Carl and Laurel Milentz
    Milentz Self Storage
  • Donnie Rollins is a great asset to our company and has an outstanding work ethic! He not only goes above and beyond the call of duty, but he has actually become part of our evolving progress to serve our overseas customers. I am very appreciative of Donnie Rollins' involvement in the branding of our company and his creative development of our website. We look forward to our many more years of great service and advice from a gentleman we consider part of our team.
    Tom George, CEO
  • We very much appreciate Mr. Rollin’s pleasant demeanor and his quick responses to when we have problems or need assistance in problem solving. As for this Court we would highly recommend Mr. Rollins and his company, Elevology, for any and all IT service needs.
    Connie Crenshaw CMCC
    Municipal Court Clerk Administrator
    City of Luling, Caldwell County, Texas
  • After recently acquiring a competitor and effectively doubling our production, we decided a make-over was in order. The team at Elevology worked with us in the midst of transition to totally re-design our company logo, websites, and install a voip phone network. Every aspect of the job has been handled with obvious dedication to meeting customer needs. Elevology is a prime pick for IT needs, web design, and more.
    J. Carroll
    AJAX Environmental
  • I like Donnie a lot, he is a good person. He is very smart and very efficient. I like the fact that he takes his personal Christian values to his company which to me it's honest, trustworthy, efficient and very professional. I would love to use Elevology with any personal and professional projects I have in the future.
    Karen Rocha

Online Payments

Copyright © 2005 - Elevology - Houston Joomla Web Designers and Houston Joomla Web Hosting Specialists