As the infrastructure around the Internet has developed and improved and computing power has continued to increase, so it has allowed for a new generation of software. This has primarily come about because of the improvements in telecommunications speeds and the availability of broadband Internet to a large percentage of people. This article looks at what this means for users and the benefits and disadvantages of software-as-a-service compared to traditional software licencing.
Software-as-a-Service
What is software-as-a-service, and how does it differ to "traditional" software?
Generally software-as-a-service is provided via the Internet. Let´s assume we are looking at a contact management system. If you want to use this software-as-a-service you will normally pay a fee per month or per year to use it. You will be provided with login details, and you will then be able to access the software over the Internet using your browser (such as Internet Explorer or Firefox).
As you enter contacts and related information into the software, the data will be stored on a web server which is hosted by the provider of the software.
This differs to the "traditional" software which will be supplied as some software that you actually install on your machine. This may be provided as a CD, or you may download it from the Internet, but either way the software needs to be installed before you can use it.
In this case, as you enter data into the software, the data will be stored somewhere on your machine.
Outsourcing
Software-as-a-service is so called because you are not just getting to use software that may fulfill your needs, but you are also gaining additional services. In essence, these are the provision of the server on which the software is running, and the space that enables you to store your data. Software updates and data backups will be (or should be) provided by your software service provider, so you will not need to be concerned with these elements.
This allows you to outsource more of your IT infrastructure to a third party i.e. the providers of the software-as-a-service and all can be paid for with one payment, either monthly or annually.
The other principle advantage of software-as-a-service over traditional software installations is that since it operates over the Internet, you can access your data from anywhere where you are able to access the Internet, whether that be in your office, at a motorway service station, or on the other side of the world.
It´s new, it´s better
The above advantages of the software-as-a-service model are clear, but it is important to look at the traditional software model and compare this to see the advantages and disadvantages between the two. It isn´t necessarily true that the newer software distribution models are better.
The new model of software-as-a-service is much more like the "olden days" of the mainframe computer. Computing power, and electronic components in general, were much more expensive and so all the processing power was available from one large centralised computer, which was called the mainframe. Users could access the mainframe with dumb terminals. Dumb terminals were so called because they were not computers themselves and couldn´t process any data. They were basically a monitor and keyboard allowing a user to access and change data on the mainframe.
As computer power became cheaper, so it became possible for people to have a computer on their desk. This often meant that these PCs (Personal Computers, since they belonged, generally, to an individual) were used to access information on the mainframe, but also had their own programs installed to perform additional tasks. Computing power continued to grow at such a rate (Moore´s Law states that computer processing speed will double every two years, which to date has been very accurate) that PCs were soon able to match the processing power of the mainframes. This brought along the era of the ´fat client´, the client being the PC and so called because it had all necessary software installed which it ran and processed itself. the mainframe computer became a monolithic thing of the past.
Full circle
We started with the way in which the Internet has enabled software-as-a-service to be possible, and if we look at the old infrastructure of computing this has meant that PCs could well become more ´thin client´ again, with all of the processing and storage of data done by servers on the Internet.
We will be operating in a similar "dumb terminal / mainframe" scenario. The mainframe is replaced by the web server which is provided by the software service provider, and your computer becomes the dumb terminal once more; it is used to run the web browser that you use to access the online software. Of course, your computer is not so dumb as the original dumb terminals, and when browsing the Internat your machine is performing a considerable amount of processing in the retrieval and displaying of web pages.
So, which is better: the thin client where the software is provided as a service by a third party, or the fat client where you install and run your software on your own machine(s)?
The starting point to determine which is the best model for any situation, should be to perform the CROCS test:
Control
Responsibility
Ownership
Consistency
Security
Control
If you are using software-as-a-service then you are able to pass on responsibility (as described below) but at the same time you are relinquishing a certain amount of control over the software that you use and how you are using it. This control runs through all aspects of the elements to consider when comparing software-as-a-service and traditional software and it is necessary to balance the outsourcing of the service with the releasing of some of this control.
For example, one of the benefits of software-as-a-service is that not only may software upgrades be included in the price that you pay to use the software, but that the upgrades will be completed for you. However, when will the upgrades be completed? Your provider may dictate this to you, and tell you when the downtime will be. You may not have any say in the matter. In addition, what if you don´t like the new upgraded version for whatever reason. Will you be able to use the old version that you were familiar with and liked?
With traditional software you may have the additional responsibility, but with this comes additional control, enabling you to decide if you want to install and upgrade, and if you do, when.
These are important items to bear in mind.
Responsibility
As already touched upon, software-as-a-service allows you to outsource additional responsibilities to your software provider, but it is essential that you look into details of not only what services are being provided, but more importantly what guarantees you have with these services. This covers not only the provision of the software (which is covered in more detail under Consistency) but also the safe-keeping of your data.
If a backup service is provided, what insurances are in place should there be a backup failure and your data is lost. It is very difficult to put a price on the value of data but look carefully at your software-as-a-service contract to see how this value is covered. It is too easy to outsource responsibility without having proper controls in place. Bottom line, if you lost your data where would you be?
With traditional software, backups are all important, whether it be your word-processing documents or your contact management database. You need to ensure that backups are made at regular intervals, and you also need to be aware of where those backups are, for security purposes and for fire protection purposes. You don´t want your backups to get into the wrong hands, particularly if they contain business critical and sensitive data. You also need to include your backups in your disaster recovery plan, so that if there as a fire and your office burnt down overnight, you know you have a backup available somewhere else.
If you keep this reponsibility in-house with proper procedures in place then you will know that whatever the cause, you will be able to get up and running again in the case of a disaster.
Ownership
Software-as-a-service tends to be charged at a monthly or annual rate and there is, therefore, an ongoing financial cost. This cost does, though, provide not only the software but the additional services that we have already identified.
Traditional software is generally supplied on a licence basis, whereby you pay a fee for a licence to use the software and once you have paid that licence fee you can continue to use the software for as long as you like without further charges.
When you buy traditional software you are buying a licence, which may include a CD, or a downloadable piece of software. With software-as-a-service you primarily get a username and password to log into a server on the Internet. In essence you are just renting access to the software rather than having ´bought´ it. The impact of this becomes more apparent in the Consistency section below, but with software-as-a-service there is a lesser degree of ownership. You could compare the software-as-a-service rental situation to a traditional software licence mortgage situation. You are not as reliant on the whims of the landlord/software provider.
Consistency
This is one of the most important factors to consider when looking at software-as-a-service, and it is important to check your contract with your provider in this respect.
What guarantees do you have regarding the provision of the software? What happens if your providers server goes down and you can´t access the software? What would happen if your software provider goes bust, or they decide they do not want to provide the software any more? What guarantees do you have regarding the monthly/annual fee for using the software and how much it will / could rise by?
Your software-as-a-service is running off a server on the Internet, and it is likely that this server is shared with many other users. If all users are online and accessing their software at the same time this will have an impact on the speed with which you will be able to access the data in your own system. What service level agreement is in place with your provider in this respect?
With the traditional software model, your software is running on your machine. No one else is going to be using your processing power.
More seriously, with software-as-a-service you could find yourself at any time unable to access your software with no guarantee that you will be able to again. Your data is stored on a server somewhere that you don´t have access to, and your software provider is not answering the ´phone. What do you do? Are there procedures in place for this eventuality? What are the timescales before they kick on? What guarantees do you have that they will?
Your traditional software may come with an escrow agreement, or an optional escrow agreement. This basically means that if the software provider should go bust then you would have the right to access the source code to the software to fix any problems that may occur with the software. In practical terms this may be of no benefit because you would need to know how to fix the problem. However, you would still be able to access and use the software that you currently have, enabling you to look at solutions or other alternatives over a period of time rather than suddenly losing all access one day.
Consistency is something you should take into account when deciding which route you want to take. Ask yourself ´What would I do if I couldn´t access the software?´ and then ´How quickly would I get back up and running again if there was a problem?´
Security
The most important element of any software that you use in your day-to-day business running is the data that you create when you are using it. Your data can be invaluable to your business, and as we rely more and more on computers so we rely on the data that they can give back to us at the touch of a button.
As much as your data is important to your business, so it could be of value to another business, and you should keep this in mind. Your contact lists, names, email addresses and ´phone numbers can be valuable. The more complete the information, the more valuable it is. Some companies are in business only to sell lists of contact names and details, so you need to ensure you protect even this seemingly simple data.
Once you add on more detailed business transactions to your data, such as past orders, invoice information, payment details, credit card numbers etc. you can see that your data can suddenly be highly valuable in the hands of the wrong person.
Because of this data value, it is essential that your data is secure. With traditional software this generally involves two or three levels of security:
- Prevent unauthorised access to your office
- Prevent unauthorised access to the machine that has your software/data installed
- Prevent unauthorised access to the software application itself
The third level will depend on whether or not your software includes any access control mechanisms, such as a username and password to log into it. Even without this, you can still ensure your data is secure by securing your office and the computers themselves (such as with Windows passwords etc.)
With software-as-a-service, the security element is not within your control, so you should again check your contract and service level agreement to see what security measures are in place for your data. One of the big benefits of software-as-a-service, already highlighted above, is the accessibility from anywhere where you can get Internet accesss. You need to satisfy yourself that the data is only accessible to you, since widened accessibility brings with it inherent security issues. Your software access should be similar to the security levels provided by your online banking login procedures. Your business data could be as valuable, or if not more valuable, than the contents of your bank account.
Finally you need to ensure that the company that you are perhaps looking to provide your software-as-a-service is a reputable company. You are placing all your data on their servers, and you are likely to have no idea where these servers are physically located, and who has access to them. You should ensure that you have a complete non-disclosure agreement in place with your provider, as well as full details as to the physical security measures that are in place to prevent unauthorised access to those computers. Ultimately, when you take and store information about your clients you are responsible for ensuring that that data is secure and that means ensuring your software service provider is ensuring it is secure.
What´s best for me
The best solution for you will depend on your particular circumstances, the type of business you are in, the type of software you are looking to use, how much in-house knowledge you have of computers and software and a whole host of other things.
You need to balance the desire to outsource the software service and the responsibility, with the need to ensure that you still have control over the software that you use, the data that you produce and the situation if your provider stops providing, whatever the reason.
In general, traditional software licencing and the running of your own software gives you the control but with it the responsibility. If you feel confortable with passing on this responsibility to a software service provider then that may be the better option for you.
You can probably see the clear advantages and disadvantages to each. Still can´t figure out what is best for you?
Hybrid Solutions
There are many software solutions around today that are a hybrid of the software-as-a-service that we have looked at, and the traditional software licencing that many of us are used to. These hybrid solutions make use of the advances in telecommunications speed and broadband access to provide a mix of both types of software.
Microsoft Windows, and anti-virus software such as McAfee are examples where software upgrades are performed automatically by your machine, by connecting to the Internet and looking for, and downloading, upgrades that are available. The software is installed on your machine, but you do not need to worry about upgrading it, as it can happen automatically. You also have the advantage here of being able to decline updates, and specify if and when you want them to be installed.
Other services can also be added to the traditional software model, such as automated online backups. Your data is backed up onto a server provided by yourself or perhaps your software provider. Of course, if your software provider is providing the server space for the backups then you need to consider the security implications in the same way as you would for a full software-as-a-service situation. However you would have the added advantage of seeing that backups were actually being made, and be able to make additional backups on an ad-hoc basis.
Conclusion
In general software-as-a-service is probably more attractive to smaller businesses. They can get up and running without having to pay out large up-front costs on the necessary hardware and possible network infrastructures; all they will need is a computer with good Internet access.
However, as a business grows it is likely to want to have more control over its software solutions, and will need to be more responsible for its own data and security. In this case the move to a hybrid solution would be the most beneficial and cost effective direction to take.