Thursday, January 7, 2010

Danger ahead?

A reader asked me recently, “What are the downsides of SaaS [software as a service], aka the cloud?”

The more I thought about it, the more the question fascinated me.  I’ve created my career around SaaS and cloud computing.  In particular, CRM products such as SugarCRM, Salesforce.com, and social media such as Twitter and LinkedIn.  As I considered the question, I realized that probably 75% of the software I used each day didn’t live on any of my PCs or servers.  Then I started getting a little nervous.

The arguments for SaaS are well known and don’t need much explanation.  No worries about upgrades, maintenance, or in many cases, configuration.  Lower total cost of ownership and greater end user experience.

In my opinion, formed by extensive reading and discussion with everyone from the pioneers of SaaS and cloud computing to the rawest end users, the objections and worries can be boiled down into two streams:  Security and Reliability.  Let’s take a look at security first.

When I was four years old, my mother took me to the bank and had me hand over the piles of coins and a few crumpled dollar bills.  In return, I received a dark red, small book, a savings account passbook.  As soon as we left the bank, my first question to my mother was, “How do I know the bank won’t steal my money?”  I don’t remember my mother’s response, but it must have relieved my fears, because I kept that passbook account until I left for college!

In the same way, when most people first consider SaaS or the cloud, they express, in one way or another, the fear that their data will be sent over the net and then held in the hands of others.  What if it’s intercepted?  What if the keepers steal it?  What if the remote application is hacked?

Reasonable questions, but how severe is the risk?  If we use standard, secure protocols, transmitting data over the net is virtually risk free.  To be frank, the greatest risk of interception in my experience is from internal threats or from someone with physical access to the user’s machine.  How well do you really know the cleaning people?

I suppose the SaaS application provider might steal your data, but by the same token, what about Sal or Mike or Jane in your IT department?  Unless you are dealing with some very shady companies, I suggest the risk of outright theft is vanishingly small.

Hacking is a more real risk.  Of course, any application that is visible to the world, hosted or local, is vulnerable.  The key here is to deal with vendors that regularly test and harden their systems.  Don’t just ask about it, demand it.  If you can’t tell me what physical and network defenses your SaaS or cloud providers use, at least at a high level, I wouldn’t want you on my team.

So, you’re convinced your data is safe, but what about accessible?  If the SaaS or cloud provider goes down or the net connection is lost, so is your application and access to your data.  Scary!

Well, yes, it is scary.  So is a fire at your local data center (happened to me last year), terrorists destroying your data center (I was in NJ during 9-11), and Comcast cable inexplicably cutting me off from the web for 48 hours.  My point?  A good vendor is much, much more likely to have multiple layers of redundancy than any small, local data center.  The rest of the stuff?  Things no one can reasonably defend against.  I recommend good backups + prayer.

Recently, Salesforce.com had an outage that, for our instance, lasted about 90 minutes.  A few of my end users complained.  There was some inconvenience.  No lives were lost and no deals were lost.  The company I work for is a software manufacturer.  If we provided medical services or air traffic control, a 90-minute outage would have had a much different level of angst.

In the real world, most of us can afford the brief outages that afflict even the best of vendors.  If your business can’t, you need serious, deep, redundant, failover systems.  If that describes you, stop reading now and go double check your server room!  If it doesn’t, relax…

Bottom line?  SaaS and the cloud provoke fears about security and reliability, but unless you’re using them to control mission-critical, human-life-in-the-balance functions, just sit back and enjoy your wise choice in selecting SaaS and the cloud!

3 comments:

  1. Here's a few others:
    1) What if your SaaS provider decides they want to push out a major upgrade a day or two before the end of your fiscal quarter? You're helpless to stop it if you're not a major customer.

    2) I use MS Office Account 2009. In November they decided they were pulling out of the market. Now luckily I don't utilise the payroll service otherwise come December I would have had no service. And this was Microsoft, not exactly a small company with money problems.
    My point is what if you're using a SaaS that isn't profitable? Unlike on-premise you can't use it perpetually (license dependent of course).

    3) When things go wrong, fingers pointing in many directions. With a simple Web UI app that's hosted there's little to go wrong. However if you do start to experience dropped sessions or poor performance then there are many more systems involved to try and get to the bottom of them.
    In an on-premise web based app, let's say MS CRM for simplicity then you typically have a dedicated SQL Server, a web server and someone running IE across a LAN - simples.
    Now take Salesforce (or anything similar). Now you have a web browser running through a proxy server, over a shared WAN connection to a shared ISP pipe. Then you have some static content coming from a third party 'geographically close' provider and other data being processed on-the-fly from a stack of shared servers.

    Salesforce typically have very good performance and so this is just an example. For smaller, less mature providers this shared infrastructure is a complete unknown to the end-user. What about the workload of a payroll/commissions system at the end of a month?
  2. Good points, all. No matter what we do, there are risks. Just different flavors and different degrees.
  3. Absolutely. I think the biggest issue is that there aren't that many posts out there giving a really balanced view at the moment.

    If you do dare to question the wisdom of SaaS then you may as well be saying that the iPhone is crap for the amount of abuse you'll get back.
    For the record I don't think SaaS is bad - just like you say there are still risks in there.