Learn how SaaS works and why it’s the predominant software delivery model today
SaaS, or software-as-a-service, is application software hosted on the cloud and used over an internet connection via a web browser, mobile app or thin client. The SaaS provider is responsible for operating, managing and maintaining the software and the infrastructure on which it runs. The customer simply creates an account, pays a fee, and gets to work.
Today SaaS is the most common public cloud computing service, and the dominant software delivery model. Much of the software that workforces use - from everyday tools like Slack (for messaging) and Dropbox (for file storage and sharing), to core business applications such as enterprise resource planning (ERP) and human resources (HR) workforce optimization platforms is delivered via the SaaS model. Compared to traditional software installed on premises, SaaS offers businesses of all sizes from startups to giant global organizations the benefits of rapid time-to-value, low-to-no management overhead, and predictable costs.
SaaS takes advantage of cloud computing infrastructure and economies of scale to provide customers a more streamlined approach to adopting, using and paying for software. All SaaS applications share the following characteristics:
SaaS applications are built to be hosted on the cloud. The SaaS software vendor can host the application on its own cloud infrastructure or with a cloud service provider (such as Amazon Web Services (AWS), Google Cloud, IBM Cloud or Microsoft Azure). Hosting with an established cloud service provider enables the SaaS provider offer the scalability and global accessibility some customers may require.
SaaS applications are accessible to any customer with an internet connection and an internet-connected end-user device (e.g. a computer, mobile phone or tablet). SaaS applications typically run in any web browser; on mobile devices, SaaS applications may run more effectively on (or may require) a mobile or tablet app. A few SaaS applications, such as Adobe Acrobat, may offer or require a dedicated thin client that users download and install on their computers.
SaaS applications exploit multi-tenant architecture, in which a single instance of the application serves every customer. For security and data privacy, each customers’ application data, user data, system data and custom configurations are segregated from those of other customers.
Perhaps most important, SaaS applications require little to no management and zero maintenance from the customer. The SaaS vendor is responsible for:
Many SaaS vendors also provide an application programming interface (API) their customers can use to integrate the SaaS application with other SaaS or traditional software applications.
The benefits and advantages of SaaS are best understood in comparison to traditional software - software installed and managed on on-premises infrastructure:
Despite its advantages, SaaS does introduce potential risks and challenges that customers, particularly enterprise customers, need to be aware of.
Because SaaS apps are so easy for users to start using, they can proliferate an organization without the IT staff’s knowledge. This phenomenon, called ‘shadow IT,’ can pose security risks. At a basic level, if IT staffers don’t know what software users are using, they can’t ensure the software is secure. Shadow IT can also exacerbate existing bad security practices such as using the same password for even more applications and consequently increase the organization’s overall vulnerability to attackers.
Another potential risk is vendor lock-in, or difficulty moving to another SaaS vendor when the current vendor’s application no longer meets the customer’s performance, functionality or business requirements. For example, if a SaaS application relies on proprietary business logic or a proprietary technology stack, it may be difficult or impossible to move from that SaaS application to another without making significant trade offs.