Google, Workday Outages Show SaaS Isn't Perfect - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Cloud // Software as a Service

Google, Workday Outages Show SaaS Isn't Perfect

Software-as-a-service lets CIOs pay only for what they need, but CIOs need to make sure they get the system performance they've paid for.

"It's like waiting in line at the airport when your flight's been cancelled. If the agent's not giving you enough information to make a decision on what you should do next, you become frustrated. It's how you handle crisis management -- do you hide information from customers, or tell them everything you have so that they can make decisions?"

Google, meanwhile, had a nearly two-hour outage on Sept. 1 that affected all of its enterprise customers, including Genentech, Hamilton Beach, and Johnson Diversey, and another later in the month that affected a small group of customers.

Still, in the roughly 10 years since hosted software services have been available, the average rate of uptime for any given SaaS vendor is likely higher than what typical IT shops experience with comparable applications installed on-premises, Wang said. But when apps are in the cloud, "these providers are going to have to be responsible for a lot more," he said.

Google, which offers an ongoing Apps Status Dashboard on availability, notified all users in a blog, but large enterprise customers were offered one-on-one post-mortem calls with Google executives.

There can be varying levels of vendor responsibility, depending on what arrangements have been made. For example, companies such as Oracle offer to host software in a customer's own data center. If the customer's hardware running the software causes an outage, then the SaaS vendor might not be responsible for it.

Not all SaaS vendors are willing to do service-level agreements, particularly if it's a low-cost service notes Todd McClelland, a Washington, D.C.-based attorney who represents both cloud computing customers and vendors on deals. "If you're not paying a lot, then the vendor is not going to take a whole lot of responsibility," McClelland said. "We're only seeing discussion of SLAs in very large deals."

Still, as interest in SaaS and other types of cloud computing picks up, there's more discussion of how to formalize vendor expectations around both performance and security, McClelland said.

For example, some customers are asking for vendors to show SAS 70 certification, McClelland said. That stands for Statement on Auditing Standards No. 70, Service Organizations, and was established by the American Institute of Certified Public Accountants as a way to assess how well a firm handles sensitive data. But in recent years it's been used by non-accounting firms to audit the quality of security systems, processes and controls. Google, for example, has pointed to its SAS 70 certification as proof that its cloud computing services are secure.

Companies need to "consider whether vendors should be holding and hosting certain types of customer data," said McClelland. "The Amazons and IBMs of the world will implement security measures that are greater than customers would have on their own systems," he said. "But even though large vendors' systems are more protected, there [are] more people who will want to hack into those systems because there's so much more data."


InformationWeek has published an in-depth report on new software models. Download the report here (registration required).

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

News
Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
News
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
Slideshows
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Slideshows
Flash Poll