Software // Information Management
Commentary
3/24/2008
08:09 AM
Mark Smith
Mark Smith
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Software as a Service: Are You Prepared?

The economic environment has placed increased pressure on organizations to use their IT budgets and resources wisely... Software as a service (SaaS) alternatives could be a great opportunity to deliver business value and avoid long IT cycles... But nothing comes so easily without precautions and warnings.

The economic environment has placed increased pressure on organizations to ensure they are even wiser with their IT budgets and resources in order to respond effectively to business. As organizations find methods to reduce and avoid costs, the dilemma of installing and maintaining software and applications continues to be a place for examining alternatives. These software as a service (SaaS) alternatives could be a great opportunity to deliver business value more immediately and avoid long IT cycles that may conflict with the time pressures of your organizations. But nothing comes so easily without precautions and warnings.Now, you must realize that by having your application operate outside of your organization, your data being created or integrated is not under your supervision and in many cases, it is not even under the provider's supervision. Therefore, it is important to ensure that the provider has complied with industry compliance standards in how they manage your data and who has access to the data in their hosting company and organization are controlled in their access to your data. This is why there is a lot of discussion and focus on SAS 70 Type I and Type II compliance as outlined by the AICPA and conducted by auditors. This can help ensure that processes and policies are defined and managed to ensure the protection of your system that you are using in a software as a service (SaaS) manner by the actual provider or their hosting partner. You should examine your potential SaaS provider certifications and who conducted them to ensure the right level of security and that it is being maintained and reviewed on an annual basis.

Now, what is additionally important is to ensure that you can access your data in the application for other business purposes that are critical for you. In many organizations the re-integration of data from an SaaS provider into a centralized data mart or business intelligence system is needed to gain a complete view of your employees, customers, sales, etc.. In fact, the access and integration of that data over the Internet needs to connect to other SaaS provider offerings that you may be using as well. Of course, conducting this is in a safe and secure manner is critical. So does your service level agreement allow you to do that? Do you own your data or do they? Many early adopters of SaaS applications have found they are not in the right position to negotiate their SLA when they did not establish the contractual guidelines properly at the beginning.

I hope you think and analyze carefully through these issues as pointed out as these and many others need to be considered as you evaluate software as a service options. You must ensure you are not just finding the fastest path to avoid IT cycles or cost savings but are prepared to manage and provide oversight to SaaS choices you make. You will need to be responsible for ensuring that your business applications and data, whether rented or owned, is being managed properly and can be leveraged effectively as part of your business.

Let me know your thoughts.The economic environment has placed increased pressure on organizations to use their IT budgets and resources wisely... Software as a service (SaaS) alternatives could be a great opportunity to deliver business value and avoid long IT cycles... But nothing comes so easily without precautions and warnings.

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.