What is SaaS?

SaaS on a blue screen with a finger stretching to touch it
(Image credit: Shutterstock)

Software as a service, or SaaS as it’s become widely known, refers specifically to cloud-based applications and services, and is one of the three main categories of cloud computing alongside infrastructure as a service (IaaS) and platform as a service (PaaS), differing from regular software which runs on PCs or computers.

In recent years, SaaS has become a catch-all term, referring to both downloadable applications and programs such as Office 365, which includes apps installed on computers, as well as applications that run within a browser, such as Gmail or the online version of Microsoft's Outlook. It also covers more sophisticated applications, such as entire networked CRM systems including Salesforce.

Because many of these applications are accessed through a browser rather than running natively on a computer, SaaS is much easier for IT departments to manage, removing many of the headaches facing IT support. If a new iteration is launched, a business doesn’t have to upgrade it, nor does a business need to replace its entire computer system.

In the majority of cases, only minimal hardware requirements are demanded and the software can be used across devices without a loss in user experience. User hardware only needs a minimum spec, enough to run a browser, as all the heavy lifting is done on the provider's end. This form of delivery also makes it possible to deliver the same experience through thin clients or mobile devices.

Automatic updates and per-user pricing

One of the benefits of choosing SaaS apps over software installed on a computer is that updates are normally automatically installed, which means you’ll always be up to date and any security holes will be automatically fixed without you lifting a finger.

This means that IT departments can ensure only one version of an application is being used across the entire business, allowing it to be updated whenever it's most convenient. It also makes life far easier for employees, who are no longer required to make sure their security patches are up to date.

Security aside, the most compelling reason to shift to SaaS is the added flexibility of monthly subscriptions, rather than the substantial upfront costs associated with installed applications. This generally means that it's far cheaper for businesses to rollout and manage the software it uses, as, for example, they're no longer required to fork out thousands of pounds to ensure everyone is running the same version of Microsoft Office.

The nature of the subscription will vary depending on the provider, but it's common to pay for software based on the number of employees in your business, such as a per-month per-user subscription.

Most software businesses have now jumped on the SaaS craze, including CRM, HR and accountancy providers. Services are now typically available as standard offerings, or as additional bolt-ons onto installed-on-device software.

Issues with SaaS

SaaS does bring some additional challenges for IT security. For instance, data is normally stored on the vendor’s servers rather than the client’s. This can have implications for data protection, especially if handling sensitive customer files. Companies will want assurances over who might get access to their data, both from within the SaaS vendor’s organisation and externally. Data held on US servers, for example, is subject to examination by US law enforcement agencies.

The migration of business data must also be considered in advance. How easy would it be to transfer data if the company later decided to switch to an alternative SaaS provider? How long would it take? What are the costs involved? What would happen if the SaaS vendor went out of business or discontinued the service? All of these factors must be taken into consideration.

SaaS is also entirely dependent on reliable network connectivity. Businesses may have no local fall back if SaaS applications become unavailable due to disruption to the internet connection or vendor server downtime. Service level agreements rarely provide compensation for resultant loss of business, and so companies must judge the risks of being without business-critical applications for periods of time.

Network latency issues can also develop as SaaS can transfer data over long distances - travelling from vendors applications to clients, and vice-versa. The rule of thumb is the further data has to travel, the longer it will take to reach its desired destination, making for a worse response time.

SaaS shouldn’t be confused with so-called “cloud subscription” services such as Adobe Creative Cloud or Microsoft Office 365. With these products, software is still installed locally on client PCs and not normally delivered over the internet, although both Creative Cloud and Office 365 do offer the ability to store files created using their applications on their servers.

Integrating SaaS

Often, end-users invest in SaaS solutions as a standalone product with siloed capabilities, with integration to other systems only an afterthought. CIOs can cut through the multitude of SaaS offerings available by identifying a package which instead prioritises integration with existing applications, ensuring smoother cloud migrations and more comprehensive security coverage.

For instance, single-sign-on and access management are increasingly popular security tools. A SaaS package that blends seamlessly widens their usage and therefore enhances their capabilities, providing employees with the confidence necessary to trust their cloud infrastructure. It's up to CIOs to set and manage policy around integrations between SaaS solutions and solutions already owned on-premise.

Another emerging trend is vendors collaborating to permit integrations across multiple providers' software. This would allow business processes to flow more easily across applications sourced from multiple providers.