ORLANDOD -- Software-as-a-service (SaaS) may offer the advantage of application-based computing you can pay for as needed, but there are pitfalls, too, that are becoming increasingly evident, according to Gartner analyst Robert DeSisto.
SaaS is a "service-delivery model," said DeSisto at Gartner's ITxpo Conference. "Something is shared on the back end, and that, hopefully, gets you economies of scale." However, he immediately added that if you're "getting into this game solely to save money, you have come to the wrong place."
"Quite frankly, it's not to save money," said DeSisto, whose division at Gartner has spent several years looking at market offerings and the experiences of Gartner clientele in various SaaS contractual situations.
The basic advantages of SaaS — and there are now hundreds of applications available — is the ability to quickly scale to thousands of users and gaining technical value without capital outlay. Other advantages are that there are incremental releases that deliver more functionality immediately for users, with the SaaS provider doing that work. SaaS vendors are showing they can deliver "more rapid response to enhancement requests," DeSisto says. Patch management may be easier, too, under SaaS.But it's also clear there's a downside related to the way pricing and service-level agreements are often constructed.
Examples of SaaS vendors include Salesforce, Taleo, Workday, NetSuite, Oracle, SuccessFactors, and Microsoft Dynamics.
DeSisto points out that the irony, though, is that enterprise customers can end up with "shelfware as a service" because in some circumstances, customers get locked into multi-year contracts for a schedule over time and start paying for users that don't get deployed quickly enough. Under inflexible contracts, customers have actually paid hundreds of thousands for SaaS shelfware never used.
SaaS customers should be pushing for contracts that accommodate changing user requirements at least once a year, and "capacity-based alternatives," DeSisto said.
Another pitfall is that the service-level agreements are "all over the map" and sometimes don't even exist, DeSisto noted. "SLAs have to be at 99.7% to 99.9%," advises DeSisto, with a clear specification for "tangible remedies" if that doesn't happen. Finding out about SaaS data center operations is imperative and it may come as a shock to find out that many have no disaster recovery, he adds.
"For a large company, it's almost insane — that a large company wouldn't have disaster recovery," DeSisto pointed out, adding he knows of one SaaS data center for disaster recovery sitting on a fault line.
A further complication is that there are now application infrastructure services springing up for SaaS vendors, too, which means SaaS vendors themselves may be "outsourcing the bottom layer of the stack," DeSisto said. That situation calls for an SLA to make sure that's addressed, and customers are in the situation of asking questions about all of it.
Gartner has seen circumstances where for large enterprises there is actually a higher total cost of ownership after three years in comparison to on-premises alternatives. In fact, Gartner has seen that as among the main reasons enterprises have moved away from SaaS.
Another SaaS question relates to "multi-tenancy," the phrase commonly heard to describe how an application service may be shared, DeSisto remarked. But the term in and of itself is insufficient, and customers have to ask what exactly is being shared, whether it's hardware, a database, a container, or everything, in order to have some basic idea of the architecture they're buying into since there are a lot of security and governance implications that have to be examined.
SaaS may not be a good choice for more intensive computing going over an Internet connection, DeSisto pointed out. There has to be latency testing to know a SaaS application will work properly for any particular enterprise.
Integrating the SaaS application into the enterprise requires work, and can entail a continuous testing cycle to support incremental SaaS upgrades. For enterprises with multiple SaaS services, "you'll be in perpetual testing mode to make sure this will all work," he noted. "Integration is hard," he adds, noting many SaaS applications integrate in a batch mode through a firewall.
The surprising thing even now, DeSisto said, is that there are so few enterprises with any SaaS policy.
"Most of the time, there's no corporate SaaS policy," DeSisto said. This calls for defining the fundamental relationship between business and the information technology divisions, and addressing questions such as how SaaS should be used, who owns the configuration change-management process, will there be chargebacks to departments.
With SaaS, "in theory, you can go around IT entirely," DeSisto said, and that has been known to happen.
Read more about software in Network World's Software section.