The economic environment has placed increased pressure on organizations to use their IT budgets and resources wisely... Software as a service (SaaS) alternatives could be a great opportunity to deliver business value and avoid long IT cycles... But nothing comes so easily without precautions and warnings.
The economic environment has placed increased pressure on organizations to ensure they are even wiser with their IT budgets and resources in order to respond effectively to business. As organizations find methods to reduce and avoid costs, the dilemma of installing and maintaining software and applications continues to be a place for examining alternatives. These software as a service (SaaS) alternatives could be a great opportunity to deliver business value more immediately and avoid long IT cycles that may conflict with the time pressures of your organizations. But nothing comes so easily without precautions and warnings.Now, you must realize that by having your application operate outside of your organization, your data being created or integrated is not under your supervision and in many cases, it is not even under the provider's supervision. Therefore, it is important to ensure that the provider has complied with industry compliance standards in how they manage your data and who has access to the data in their hosting company and organization are controlled in their access to your data. This is why there is a lot of discussion and focus on SAS 70 Type I and Type II compliance as outlined by the AICPA and conducted by auditors. This can help ensure that processes and policies are defined and managed to ensure the protection of your system that you are using in a software as a service (SaaS) manner by the actual provider or their hosting partner. You should examine your potential SaaS provider certifications and who conducted them to ensure the right level of security and that it is being maintained and reviewed on an annual basis.
Now, what is additionally important is to ensure that you can access your data in the application for other business purposes that are critical for you. In many organizations the re-integration of data from an SaaS provider into a centralized data mart or business intelligence system is needed to gain a complete view of your employees, customers, sales, etc.. In fact, the access and integration of that data over the Internet needs to connect to other SaaS provider offerings that you may be using as well. Of course, conducting this is in a safe and secure manner is critical. So does your service level agreement allow you to do that? Do you own your data or do they? Many early adopters of SaaS applications have found they are not in the right position to negotiate their SLA when they did not establish the contractual guidelines properly at the beginning.
I hope you think and analyze carefully through these issues as pointed out as these and many others need to be considered as you evaluate software as a service options. You must ensure you are not just finding the fastest path to avoid IT cycles or cost savings but are prepared to manage and provide oversight to SaaS choices you make. You will need to be responsible for ensuring that your business applications and data, whether rented or owned, is being managed properly and can be leveraged effectively as part of your business.
Let me know your thoughts.The economic environment has placed increased pressure on organizations to use their IT budgets and resources wisely... Software as a service (SaaS) alternatives could be a great opportunity to deliver business value and avoid long IT cycles... But nothing comes so easily without precautions and warnings.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.