Special feature: Every cloud - the increasing importance of cloud computing

Software-as-a-Service (SaaS), which gives companies access to commercial applications delivered by third-party providers on the internet ‘cloud’, is now big business and getting bigger every day. Over the past year, SaaS deployments globally have grown significantly, across North America and Europe adoption in large enterprises grew 33% and adoption in the small and medium-sized business market grew 50%, according to a survey from Forrester.

The analyst firm found that HR applications, collaboration and CRM are the most popular choices for delivery as a service. Human capital management applications were the most widely-used SaaS technologies, deployed in 45% of companies. Other SaaS applications used by more than a third of respondents were collaboration software (38%), CRM software (36%) and order management software (35%). There are also increasing instances of multiple SaaS application usage.

Liz Herbert, senior analyst with Forrester, says that growth in SaaS adoption is being accompanied by a shift in the type of applications that are being delivered. Companies that have been running relatively low-level applications as services are increasingly considering the model for delivery of more mission-critical functions.

“As companies increase their usage of SaaS applications and deploy them for more mission-critical functions, they must be more prudent about their contracts with providers. Sourcing departments should take the initiative to help with best practices for negotiating the growing numbers of SaaS contracts,” says Herbert.

“Key considerations include data ownership, systems uptime and performance expectations, backup and recovery and support. Sourcing departments should also take responsibility for keeping repositories of contracts and tracking application usage so they can be more successful in future negotiations.”

Taking ownership
The importance of securing ownership of data was echoed by Clive Longbottom, service director at analyst outfit Quocirca. “Data is king and this means, first and foremost, intellectual property must be safeguarded. Firms need to have a ‘Plan B’ in mind and ensure they have a storage device they own and control ­ either in their own buildings or offsite ­ that holds their data. They must always have their data mirrored onto a machine that belongs to them and not to the SaaS partner, which may fail in the future.”

Herbert says Forrester clients often ask whether shared architectures and internet delivery put their sensitive data at risk. According to Herbert this should not be a significant concern if companies ensure basic safeguards are in place. “Vendors must take appropriate steps to ensure strong access rights, data security and physical security in the data centre. Leading firms are getting certifications such as SAS 70 Type II to prove their security to prospects and customers. Smaller vendors should partner with leading hosts to ensure physical security.”

According to Longbottom, companies that do not have technology as their core competency often find that outsourcing even mission-critical applications to SaaS partners offers compelling advantages. “The simple answer is that the SaaS model is ready to support mission-critical applications. However, the caveat is that companies must choose carefully which applications can be delivered in this way and also which partner is best placed to deliver them.

“In security terms, a professional IT provider should be better positioned and have a state-of-the-art infrastructure with very high levels of data and physical security. Security needs to address technical issues, but also physical factors such who has access to the physical machines hosting data. This is an area where many companies do not address well internally.