Software as a service
Software as a service (SaaS, typically pronounced [sæs]), sometimes referred to as "on-demand software", is a software delivery model in which software and associated data are centrally hosted on the cloud. SaaS is typically accessed by users using a thin client via a web browser.
SaaS has become a common delivery model for most business applications, including accounting, collaboration, customer relationship management (CRM), management information systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), content management (CM) and service desk management. SaaS has been incorporated into the strategy of all leading enterprise software companies.
According to a Gartner Group estimate, SaaS sales in 2010 reached $10 billion, and were projected to increase to $12.1bn in 2011, up 20.7% from 2010. Gartner Group estimates that SaaS revenue will be more than double its 2010 numbers by 2015 and reach a projected $21.3bn. Customer relationship management (CRM) continues to be the largest market for SaaS. SaaS revenue within the CRM market was forecast to reach $3.8bn in 2011, up from $3.2bn in 2010.
Centralized hosting of business applications dates back to the 1960s. Starting in that decade, IBM and other mainframe providers conducted a service bureau business, often referred to as time-sharing or utility computing. Such services included offering computing power and database storage to banks and other large organizations from their worldwide data centers.
The expansion of the Internet during the 1990s brought about a new class of centralized computing, called Application Service Providers (ASP). Application service providers provided businesses with the service of hosting and managing specialized business applications, with the goal of reducing costs through central administration and through the solution provider's specialization in a particular business application.
Software as a service essentially extends the idea of the ASP model. The term Software as a Service (SaaS), however, is commonly used in more specific settings:
- whereas most initial application service providers focused on managing and hosting third-party independent software vendors' software, as of 2012[update] software-as-a-service vendors typically develop and manage their own software
- whereas many initial application service providers offered more traditional client-server applications, which require installation of software on users' personal computers, contemporary software-as-a-service solutions rely predominantly on the Web and only require an internet browser to use
- whereas the software architecture used by most initial application service providers mandated maintaining a separate instance of the application for each business, as of 2012[update] software-as-a-service solutions normally utilize a multi-tenant architecture, in which the application serves multiple businesses and users, and partitions its data accordingly
The SAAS acronym allegedly first appeared in an article called "Strategic Backgrounder: Software As A Service", internally published in February 2001 by the Software & Information Industry's (SIIA) eBusiness Division.
DbaaS (Database as a Service) has emerged as a sub-variety of SaaS.
Unlike traditional software which is conventionally sold as a perpetual license with an up-front cost (and an optional ongoing support fee), SaaS providers generally price applications using a subscription fee, most commonly a monthly fee or an annual fee. Consequently, the initial setup cost for SaaS is typically lower than the equivalent enterprise software. SaaS vendors typically price their applications based on some usage parameters, such as the number of users ("seats") using the application. However, because in a SaaS environment customers' data resides with the SaaS vendor, opportunities also exist to charge per transaction, event, or other unit of value.
The relatively low cost for user provisioning (i.e., setting up a new customer) in a multi-tenant environment enables some SaaS vendors to offer applications using the freemium model. In this model, a free service is made available with limited functionality or scope, and fees are charged for enhanced functionality or larger scope. Some other SaaS applications are completely free to users, with revenue being derived from alternate sources such as advertising.
A key driver of SaaS growth is SaaS vendors' ability to provide a price that is competitive with on-premises software. This is consistent with the traditional rationale for outsourcing IT systems, which involves applying economies of scale to application operation, i.e., an outside service provider may be able offer better, cheaper, more reliable applications.
The vast majority of SaaS solutions are based on a multi-tenant architecture. With this model, a single version of the application, with a single configuration (hardware, network, operating system), is used for all customers ("tenants"). To support scalability, the application is installed on multiple machines (called horizontal scaling). In some cases, a second version of the application is set up to offer a select group of customers with access to pre-release versions of the applications (e.g., a beta version) for testing purposes. This is contrasted with traditional software, where multiple physical copies of the software—each potentially of a different version, with a potentially different configuration, and oftentimes customized—are installed across various customer sites.
While an exception rather the norm, some SaaS solutions do not use multi-tenancy, or use other mechanisms—such as virtualization—to cost-effectively manage a large number of customers in place of multi-tenancy. Whether multi-tenancy is a necessary component for software-as-a-service is a topic of controversy.
While not all software-as-a-service applications share all traits, the characteristics below are common among many SaaS applications:
 Configuration and customization
SaaS applications similarly support what is traditionally known as application customization. In other words, like traditional enterprise software, a single customer can alter the set of configuration options (a.k.a., parameters) that affect its functionality and look-and-feel. Each customer may have its own settings (or: parameter values) for the configuration options. The application can be customized to the degree it was designed for based on a set of predefined configuration options.
For example: to support customers' common need to change an application's look-and-feel so that the application appears to be having the customer's brand (or—if so desired—co-branded), many SaaS applications let customers provide (through a self service interface or by working with application provider staff) a custom logo and sometimes a set of custom colors. The customer cannot, however, change the page layout unless such an option was designed for.
 Accelerated feature delivery
SaaS applications are often updated more frequently than traditional software, in many cases on a weekly or monthly basis. This is enabled by several factors:
- The application is hosted centrally, so new releases can be put in place without requiring customers to physically install new software.
- The application only has a single configuration, making development testing faster.
- The application vendor has access to all customer data, expediting design and regression testing.
- The solution provider has access to user behavior within the application (usually via web analytics), making it easier to identify areas worthy of improvement.
Accelerated feature delivery is further enabled by agile software development methodologies. Such methodologies, which have evolved in the mid-1990s, provide a set of software development tools and practices to support frequent software releases.
 Open integration protocols
Since SaaS applications cannot access a company's internal systems (databases or internal services), they predominantly offer integration protocols and application programming interfaces (APIs) that operate over a wide area network. Typically, these are protocols based on HTTP, REST, SOAP and JSON.
The ubiquity of SaaS applications and other Internet services and the standardization of their API technology has spawned development of mashups, which are lightweight applications that combine data, presentation and functionality from multiple services, creating a compound service. Mashups further differentiate SaaS applications from on-premises software as the latter cannot be easily integrated outside a company's firewall.
For example, many project management applications delivered in the SaaS model offer—in addition to traditional project planning functionality—collaboration features letting users comment on tasks and plans and share documents within and outside an organization. Several other SaaS applications let users vote on and offer new feature ideas.
While some collaboration-related functionality is also integrated into on-premises software, (implicit or explicit) collaboration between users of different customers is only possible with centrally-hosted software.
 Adoption drivers
Several important changes to the software market and technology landscape have facilitated acceptance and growth of SaaS solutions:
- The growing use of web-based user interfaces by applications, along with the proliferation of associated practices (e.g., web design), continuously decreased the need for traditional client-server applications. Consequently, traditional software vendors' investment in software based on fat clients has become a disadvantage (mandating ongoing support), opening the door for new software vendors offering a user experience perceived as more "modern".
- The increasing penetration of broadband Internet access enabled remote centrally-hosted applications to offer speed comparable to on-premises software.
- The standardization of the HTTPS protocol as part of the web stack provided universally available lightweight security that is sufficient for most everyday applications.
- The introduction and wide acceptance of lightweight integration protocols such as REST and SOAP enabled affordable integration between SaaS applications (residing in the cloud) with internal applications over wide area networks and with other SaaS applications.
 Adoption challenges
Some limitations slow down the acceptance of SaaS and prohibit it from being used in some cases:
- Since data is being stored on the vendor’s servers, data security becomes an issue.
- SaaS applications are hosted in the cloud, far away from the application users. This introduces latency into the environment; so, for example, the SaaS model is not suitable for applications that demand response times in the milliseconds.
- Multi-tenant architectures, which drive cost efficiency for SaaS solution providers, does not allow true customization of applications for large clients, prohibiting such applications from being used in scenarios (applicable mostly to large enterprises) for which such customization is necessary.
- Some business applications require access to or integration with customer's current data. When such data is large in volume or sensitive (e.g., end users' personal information), integrating it with remotely hosted software is costly and/or risky.
- Constitutional search/seizure warrant laws do not protect all forms of SaaS dynamically stored data. The end result is a link is added to the chain of security where access to the data, and by extension misuse of that data, is limited only by the assumed honesty of 3rd parties or government agencies able to access the data on their on recognizance.
In the standard model, the client had lots of areas to worry about which could simply turn out to be large headaches and drain resources:
- Compatibility with hardware, other software, and operating systems.
- Licensing and compliance problems (unauthorized copies with the software program boating the organization).
- Maintenance, support, and patch revision processes.
 Data escrow
Software as a service data escrow is the process of keeping a copy of critical software-as-a-service application data with an independent third party. Similar to source code escrow, where critical software source code is stored with an independent third party, SaaS data escrow is the same logic applied to data within a SaaS application. It allows companies to protect and insure all the data that resides within SaaS applications, protecting against data loss.
There are many and varied reasons for considering SaaS data escrow including concerns about vendor bankruptcy, unplanned service outages and potential data loss or corruption. Many businesses are also keen to ensure that they are complying with their own data governance standards or want improved reporting and business analytics against their SaaS data. A research conducted by Clearpace Software Ltd. into the growth of SaaS showed that 85 percent of the participants wanted to take a copy of their SaaS data. A third of these participants wanted a copy on a daily basis.
- ^ "Software as a Service (SaaS)". Cloud Taxonomy. OpenCrowd. http://cloudtaxonomy.opencrowd.com/taxonomy/software-as-a-service/. Retrieved 24 April 2011.
- ^ Laird, Peter (5 June 2008). "How Oracle, IBM, SAP, Microsoft, and Intuit are Responding to the SaaS Revolution". Laird OnDemand. Blogspot. http://peterlaird.blogspot.com/2008/06/how-oracle-ibm-sap-microsoft-and-intuit.html. Retrieved 24 April 2011.
- ^ Jutras, Cindy. "QAD On Demand gives manufacturers the tools they need to become global". Aberdeen Research Group. TheStreet.com Inc. http://bx.businessweek.com/enterprise-software/view?url=http%3A%2F%2Fc.moreover.com%2Fclick%2Fhere.pl%3Fr3936360089&f%3D9791. Retrieved 22 May 2011.
- ^ McHall, Tom (7 July 2011). "Gartner Says Worldwide Software as a Service Revenue Is Forecast to Grow 21 Percent in 2011". Gartner.com. Gartner. http://www.gartner.com/it/page.jsp?id=1739214&M=6e0e6b7e-2439-4289-b697-863578323245. Retrieved 28 July 2011.
- ^ Barret, Larry (27 July 2010). "SaaS Market Growing by Leaps and Bounds: Gartner". Datamation. QuinStreet, Inc. http://itmanagement.earthweb.com/entdev/article.php/3895101/SaaS-Market-Growing-by-Leaps-and-Bounds-Gartner.htm.
- ^ Anderson, Tim (5 May 2011). "Let the Cloud Developer Wars begin". The Register. http://www.theregister.co.uk/2011/05/05/cloud_vendor_platforms/.
- ^ Software As A Service: Strategic Backgrounder. Washington, D.C.: Software & Information Industry Association. 28 February 2001. http://www.siia.net/estore/pubs/SSB-01.pdf. Retrieved 24 April 2011.
- ^ Ferrari, Elena (2010). Access Control in Data Management Systems. Synthesis Lectures on Data Management. Morgan & Claypool Publishers. p. 77. ISBN 9781608453757. http://books.google.com/books?id=sfEXMcvWzyoC. Retrieved 2012-02-13. "[...] a new emerging option is represented by the Database as a Service (DbaaS) paradigm [...]. DbaaS is regulated by the same principles as Software as a Service (SaaS) and basically means the delivery of the typical functionalities of a database management system in the cloud."
- ^ Wainewright, Phil (19 October 2007). "Workstream prefers virtualization to multi-tenancy". ZDNet. CBS Interactive. http://blogs.zdnet.com/SAAS/?p=400. Retrieved 24 April 2011.
- ^ Carraro, Gianpaolo (21 June 2008). "I can't believe we are still talking about whether saas == multi-tenancy...". Gianpaolo's blog.. Microsoft Corporation. http://blogs.msdn.com/b/gianpaolo/archive/2008/06/20/i-can-t-believe-we-are-still-talking-about-whether-saas-multi-tenancy.aspx. Retrieved 24 April 2011.
- ^ Creese, Guy (18 May 2010). "SaaS vs. Software: The Release Cycle for SaaS Is Usually (Not Always) Faster". Gartner blog. Gartner, Inc. http://blogs.gartner.com/guy-creese/2010/05/18/saas-vs-software-the-development-cycle-for-saas-is-usually-not-always-faster/. Retrieved 24 April 2011.
- ^ "Jumping to SaaS? Take Agile Software Development Along with You". DevX.com. QuinStreet Inc. 8 January 2008. http://www.devx.com/SaaS/Article/36357/0/page/1. Retrieved 24 April 2011.
- ^ Lisserman, Miroslaw (20 December 2010). "SaaS And The Everlasting Security Concerns". Forrester Research. http://community.forrester.com/message/10906. Retrieved 24 April 2011.
- ^ Arthur, Charles (2010-12-14). "Google's ChromeOS means losing control of data, warns GNU founder Richard Stallman | Technology | guardian.co.uk". Guardian. http://www.guardian.co.uk/technology/blog/2010/dec/14/chrome-os-richard-stallman-warning?INTCMP=SRCH. Retrieved 2012-02-16.
- ^ Adhikari, Richard. "Why Richard Stallman Takes No Shine to Chrome." LinuxInsider, 15 December 2010.
- ^ Stallman, Richard (2011/09/20 08:15:47). "Who does that server really serve?". GNU, Boston Review. http://www.gnu.org/philosophy/who-does-that-server-really-serve.html. Retrieved 15 January 2012.
- ^ Examples: Hill, Benjamin Mako (Sun, 01 Feb 2009). "Show Me the Code". Revealing Errors. http://revealingerrors.com/show_me_the_code. Retrieved 15 January 2012. Assange, Julian (April 9, 2011). (Interview). London. http://rt.com/news/wikileaks-revelations-assange-interview/. Retrieved 15 January 2012. ""Facebook, Google, Yahoo – all these major US organizations have built-in interfaces for US intelligence. It’s not a matter of serving a subpoena. They have an interface that they have developed for US intelligence to use."".
- ^ "Cloud Software as a Service (SaaS) in Cloud Computing. This is not rightServices". CloudComputingSec. 2011. http://cloudcomputingsec.com/283/cloud-software-as-a-service-saas-in-cloud-computing-services.html. Retrieved 2011-12-15.
- ^ Bona, Deborah R (7 August 7, 2009). "Develop a Framework for SaaS Application Business Continuity Risk Mitigation". Gartner.com. Gartner, Inc. http://www.gartner.com/DisplayDocument?id=1118412. Retrieved 24 April 2011.
- ^ "SaaS Data Escrow Benchmark Report" (PDF). RainStor (Gloucester, England: Clearpace Software Ltd). 14 December 2009. http://www.rainstor.com/assets/downloads/SaaS_Data_Escrow_International_Report.pdf. Retrieved 24 April 2011. "Only 15 per cent of those who currently use, or plan to use, SaaS have no inclination to keep a copy of their data."