So what is SaaS?
Software as a service has been around for years, but some view the launch of Salesforce.com's customer relationship management service in 1999 as a significant moment in SaaS's move into the mainstream. However, the principle of remotely using software located on someone else's hardware goes back to the earliest days of commercial computing in the 1950s and 1960s, with the bureau and time-sharing services of LEO and IBM.
SaaS is the most common form of cloud computing, where you use a browser and an internet link to access an application that's hosted and managed on servers in a service provider's datacentre. You pay for the service according to how much you use it or by subscription — rather than buying a licence and paying for maintenance as you would with software run on-premise. When people talk about on-demand software and hosted apps, they're usually talking about SaaS.
So it's the same thing that ASPs offered in the 1990s?
Not quite. ASPs, or application service providers, typically ran individual instances of others vendors' software for specific users. But with SaaS, users share instances of the provider's own software but keep data and any customisations separate — in other words, multi-tenancy.
How popular is it?
You'd be hard pressed to find an organisation of any size that isn't using SaaS in some form — officially or not. And the figures on the whole SaaS market look impressive. Analyst firm Gartner estimates spending on SaaS will hit $22.1bn in 2015, up from $14.5bn in 2012.
But it remains only a small part of the whole software industry. To give you some perspective, spending on ERP applications alone is expected to reach $32.9bn in 2016, according to Gartner. Mind you, ERP is the biggest software segment by value.
What's attracting customers to SaaS?
Its appeal is pretty obvious. Broadly, it comes down to cheapness and flexibility. First, you don't have to buy the hardware or maintain and upgrade it. That alone saves a lot of money.
With SaaS there are no software licences or maintenance fees, which typically come in at an eye-watering annual 20 percent of the on-premise software purchase price. You also find many of the software support tasks are simplified or eliminated — for example, you don't have to ensure upgrades are deployed to all your machines.
Some organisations also like the idea that SaaS makes them better insulated from disasters and security breaches. If they're small or medium-sized businesses, they may feel reassured that their data and systems reside with a big, expert provider. Sadly, history suggests that confidence is occasionally misplaced.
Then you have the advantage of getting an application up and running more quickly, while at the same time the upfront investment in the software is far lower. Because access is browser-based, you should also be able to use the software from a number of types of device.
On top of all those cost and accessibility plus points, you get flexibility and, in theory, scalability — 'in theory' because it may not always be instantly available. So, depending on the deal you've struck, you should be able to add more users or perhaps pay less if your use of the software dips.
So, what's not to like?
As with all things, many of the attractions can also be weaknesses. So, for example, easy access to the software and data through a browser cuts both ways — it could equally facilitate illegitimate access.
Also, the nice warm feeling that your data is secure in the cloud doesn't change the fact that it is still located somewhere physically — so, do you know what that location is? It's an issue that has obvious ramifications for governance and data-protection regulations.
Furthermore, how much do you actually know about the software itself and the way it was built? With SaaS, you can't look under the hood at the software and assess the quality of the code you're paying for or understand the stack of applications on which it may be running. You are also tied in to the development plans of the provider. What if you don't like the new features and functionality?
For smaller organisations, the internet link on which the SaaS depends could also restrict software performance and the type of task that lends itself to the on-demand approach.
You also expect your SaaS to be resilient, and it usually is. Yet even the occasional outage can have unfortunate consequences, and restoring the service is out of your hands.
The main, longer term risk is lock-in. You have to ask yourself if your SaaS vendor goes bust or heads in a direction you don't like, how easy will it be to move the data and your internal organisation to another provider?
OK, but surely there's nothing negative in the low cost and ease of sign-up?
Nothing whatsoever — unless, of course, the wrong person signs up on a whim and a credit card. One of the issues with SaaS is that it can play havoc with IT strategy when departmental directors — in, say, marketing or sales — sign up to on-demand software and pay for it from operating expenses. In those cases, the short-term benefits may eventually be eclipsed by long-term headaches.
In the most extreme situations, quite apart from adding unnecessary complexity, SaaS can mean the strategic IT direction of an organisation ends up being dictated by people who haven't a clue about knowledge management, risk or the longer-term view.
However, even this potentially negative aspect of SaaS could ultimately do some good if it leads to organisations developing more transparency in the way money is spent on IT and the value it yields. Who knows, it could even strengthen the CIO's role as a broker of services.