What is SaaS (software-as-a-service)

SaaS, or software-as-a-service, is application software hosted on the cloud and used over an internet connection via a web browser, mobile app or thin client. The SaaS provider is responsible for operating, managing and maintaining the software and the infrastructure on which it runs. The customer simply creates an account, pays a fee, and gets to work.

Today SaaS is the most common public cloud computing service, and the dominant software delivery model. Much of the software that workforces use - from everyday tools like Slack (for messaging) and Dropbox (for file storage and sharing), to core business applications such as enterprise resource planning (ERP) and human resources (HR) workforce optimization platforms is delivered via the SaaS model. Compared to traditional software installed on premises, SaaS offers businesses of all sizes from startups to giant global organizations the benefits of rapid time-to-value, low-to-no management overhead, and predictable costs.

How SaaS works 

SaaS takes advantage of cloud computing infrastructure and economies of scale to provide customers a more streamlined approach to adopting, using and paying for software. All SaaS applications share the following characteristics: 

SaaS applications are built to be hosted on the cloud. The SaaS software vendor can host the application on its own cloud infrastructure or with a cloud service provider (such as Amazon Web Services (AWS), Google Cloud, IBM Cloud or Microsoft Azure). Hosting with an established cloud service provider enables the SaaS provider offer the scalability and global accessibility some customers may require. 

SaaS applications are accessible to any customer with an internet connection and an internet-connected end-user device (e.g. a computer, mobile phone or tablet). SaaS applications typically run in any web browser; on mobile devices, SaaS applications may run more effectively on (or may require) a mobile or tablet app. A few SaaS applications, such as Adobe Acrobat, may offer or require a dedicated thin client that users download and install on their computers. 

SaaS applications exploit multi-tenant architecture, in which a single instance of the application serves every customer. For security and data privacy, each customers’ application data, user data, system data and custom configurations are segregated from those of other customers. 

Perhaps most important, SaaS applications require little to no management and zero maintenance from the customer. The SaaS vendor is responsible for: 

• Provisioning, managing and maintaining all the servers, networking equipment, storage hardware and operating software required to run the application 
• Applying feature fixes and security patches as needed 
• Providing load balancing, redundant infrastructure, data backup, cloud security and disaster recovery services to prevent outages and meet the performance, availability and data protection standards specified in the service level agreement (SLA). 

Many SaaS vendors also provide an application programming interface (API) their customers can use to integrate the SaaS application with other SaaS or traditional software applications. 

Benefits of SaaS 

The benefits and advantages of SaaS are best understood in comparison to traditional software - software installed and managed on on-premises infrastructure: 

• SaaS provides faster even instant adoption and time-to-benefit. Customers can purchase and start using SaaS applications immediately, sometimes in minutes, for a minimal upfront cost (essentially the first month’s subscription cost). Compare to traditional software, which could require purchasing and provisioning servers, installing software on every end-user device, and budgeting for and purchasing a full license for every user. 
• SaaS provides access to new features and versions as soon as they’re available. SaaS providers often upgrade features and add functionality several times a week, without customers even noticing; they can even upgrade the interface and user experience without disrupting the customers’ work. Compare to traditional on-premises software, for which periodic upgrades are often so costly and disruptive that customers might wait months for the functionality in a new version (if they don’t choose to skip some upgrades altogether). 
• SaaS enables cost effective, on-demand scalability. Customers can scale SaaS applications up and down as needed, by simply upgrading or downgrading tiers or purchasing more capacity. Compare to traditional software, which requires customers to purchase additional capacity in anticipation of usage spikes capacity that sits idle and wasted until needed. 
• SaaS offers predictable costs and dramatically lower overhead. With SaaS there’s no need to budget for infrastructure on which to run the software, for periodic software upgrades and the infrastructure to support them, and perhaps most important for in-house IT staff to install, upgrade and maintain the software. Almost all of the expense goes directly to use of the software. 

Potential challenges 

Despite its advantages, SaaS does introduce potential risks and challenges that customers, particularly enterprise customers, need to be aware of. 

Because SaaS apps are so easy for users to start using, they can proliferate an organization without the IT staff’s knowledge. This phenomenon, called ‘shadow IT,’ can pose security risks. At a basic level, if IT staffers don’t know what software users are using, they can’t ensure the software is secure. Shadow IT can also exacerbate existing bad security practices such as using the same password for even more applications and consequently increase the organization’s overall vulnerability to attackers. 

Another potential risk is vendor lock-in, or difficulty moving to another SaaS vendor when the current vendor’s application no longer meets the customer’s performance, functionality or business requirements. For example, if a SaaS application relies on proprietary business logic or a proprietary technology stack, it may be difficult or impossible to move from that SaaS application to another without making significant trade offs.