Software as a service: GCN separates fact from fiction
Software as a service, also known as on-demand software, is steadily gaining momentum as a delivery model of choice ' particularly in the commercial world but also government.
With SaaS, a vendor provides maintenance, technical operations and support of commercial or specially designed applications for its client. The SaaS provider typically hosts the software at its facilities and offers a flexible subscription pricing plan, usually as a monthly fee or on a pay-as-you-use basis. Organizations do not have to buy, install or maintain software or hardware because they access applications via the Internet from their desktop PCs or mobile devices.
The goal is to allow organizations to quickly implement business applications, letting them avoid large infrastructures and ongoing administrative costs.
This approach might sound familiar. It was a model followed by application service providers during the 1990s, when they provided services and third-party applications to users over a wide-area network from a central data center.
But ASPs never really caught on because the providers offered a diverse set of applications that required heavy customization for each user, said David McQueeny, IBM vice president and chief technology officer at its U.S. federal government unit. 'That's not really efficient.'
SaaS providers generally develop software that doesn't need a lot of customization, and a wide range of industries can use the applications.
At the moment, the two hot areas for SaaS are customer relationship management (CRM) and human resources management software, said Mike Mankowski, an analyst at Tier 1 Research. These are horizontal-type applications that can be applied across diverse businesses or government agencies.
'SalesForce.com is the 800-pound gorilla,' in CRM, Mankowski said. Other vendors include RightNow Technologies, which offers a hybrid of on-demand and on-premise CRM software, and Taleo, a maker of talent management software.
Industry analysts anticipate steady growth in the sector during the next few years. For instance, market researcher Gartner predicts that 25 percent of new business software will be delivered as SaaS by 2011. Traditional software providers such as IBM, Microsoft and Oracle have entered the fray.
The Defense Information Systems Agency selected IBM Global Services last year to provide network-centric collaboration services that will be delivered through an on-demand model. Meanwhile, Oracle provides a portfolio of applications to business and government clients on a subscription or managed basis through Oracle On-Demand.
As with any emerging approach or technology, users are bombarded with positive and negative claims about the viability of SaaS and whether it is a suitable alternative to on-premise software. We've tried to address some of the most prevalent claims to determine their validity.
1. SaaS shortens the time to deliver new functionality and lowers implementation costs .
New Jersey Transit was able to replace an existing CRM system in a five-month period with a solution that enabled the agency to boost the productivity and effectiveness of its customer operations.
Officials wanted to capture all customer interactions and track the organization's responses. They also wanted all customer service employees to access the new system and riders to directly enter information. NJT officials turned to SalesForce.com's on-demand model because of its minimal information technology requirements, customization capabilities and anytime, anywhere access.
NJT's IT department did a review in early 2005 and recommended SalesForce as a viable product, said Dennis Martin, NJT's senior director of customer service and transit information. In April 2005, the agency launched a pilot to develop a system from a government service industry standpoint. Between April and July 2005, customer service officials worked with SalesForce.com and NJT's IT operations group to develop a workable system. They officially implemented the SalesForce solution agencywide in July 2005. Within three months, the system had been deployed to all of NJT's operating units, Martin said.
They were able to deploy the system to more than 150 customer service employees, 3,000 other employees and riders.
'That timeline is actually fairly remarkable,' said Jim Redeker, the transit agency's assistant executive director, who oversees the IT and customer service operations. It was remarkable because the move to the new system included not only architectural changes or approaches within SalesForce and some customization to meet NJT needs but also the field installation and training of field employees who did not have technical or computer skills, Redeker said.
NJT is set up as a central customer service organization, but all the responses are being handled by bus, rail and light-rail operations ' the largest statewide transit agency in the country, Redeker said. 'That means we're operating across the entire state out of many facilities.'
'That's where the Internet-based model helps because we did not have to worry about hardware installation and data lines,' Martin said. 'The fact that we could do it quickly won over a lot of skeptics in the operating groups, because, traditionally, systems take a while to put in.'
'I think our relationship brought to bear some terrific ideas that SalesForce has now pushed to other customers based on what they did for us,' Redeker said.
'Obviously, any project can take longer or shorter, depending on how well it's managed,' said Dan Chenok, vice president at SRA International. 'In the time you go from start to finish with an SaaS approach, you've already got the platform built, and you're just designing the application or the data flow.'
Typically, deployment of traditional on-premise CRM or enterprise resource planning software, such as those from Siebel Systems, could take from 18 to 24 months, said Rich Froble, SaaS enablement product director at USi, an AT&T company that helps independent software vendors create and implement SaaS offerings.
'Delivering software as a service in its pure form absolutely adds lower implementation costs, faster return on investment and faster time for users to [achieve] benefit,' he said.
2. The SaaS pricing model is suitable for government.
Verdict: True! (if done properly)
Lt. Gen. Charles Croom, DISA's director, has been vocal in his support for buying commercial products when it makes sense. One product category that fits the model is collaboration software, which performs a well-defined function, McQueeny said. 'You can stand it up and have a lot of people use it.'
DISA put out a request for proposals along those lines last year, McQueeny said. Basically, officials said they wanted to pay on a fee-per-use basis. They didn't want to pay for systems installation, equipment or software licenses. They wanted someone to come in with a commercial model and sell 'us this thing by the drink,' he said.
IBM delivers the Lotus SameTime collaboration suite ' used for text chat, instant messaging and Web conferencing ' in three different ways. In each case, the software has the same configuration and provides the same service. The difference is the security level.
In one model, the software is hosted at a physically secure facility and has many of the security features the Defense Department demands. This setup is for unclassified DOD employees who communicate with classified people.
The second involves the classified Secret IP Router Network, which is inside DOD's firewall for use at the classified or secret level.
DOD has bought the collaboration suite and put it in a classified enclave above the secret level, so they can use the software as a service or as a suite of products on premise.
'DISA is showing that this kind of procurement model can work,' McQueeny said. 'What is interesting about this model is that the government is saying, 'Here is a service that is widely available that lots of people use, and I would like to ride that economic horse and just pay for my incremental usage.' It is a completely reasonable thing for them to want to do.'
Agencies adopting this model can implement mature, robust software quickly, pay for incremental use and shift the risk from themselves to the vendor, McQueeny said.
Of course, the supplier has to count on signing up enough users at a rate the government is looking for to make a return on the investment.
The total cost of ownership using a SaaS model has been favorable for the Federal Consulting Group, a franchise of the Treasury Department. The performance measurement and customer satisfaction team is using a SalesForce solution to more effectively track and manage agreements with federal agencies. The group provides management consulting, executive coaching and performance measurement tools to agencies.
On the General Services Administration schedule, SalesForce offers various versions of its products for different numbers of users. The consulting group uses the professional edition of the software for five users, said Brendan Jinnohara, a management analyst at the Federal Consulting Group, a small organization with no IT department.
'This has worked pretty well for us,' he said. 'The per-user price is pretty reasonable considering that we don't have to do any of the back-end work.'
SaaS, in many cases, is an excellent way for government agencies to get the support they need without adding to their infrastructure or staff, said Susan Grow, a performance measurement consultant at the Federal Consulting Group.
3. SaaS performance can be slow and unreliable.
In an environment in which a SaaS provider is hosting many clients, it is easy to see why there might be a perception that performance could be slow or applications might be unavailable, industry experts say. But SaaS providers say multitenancy allows them to scale up to meet the needs of a large organization providing software to multiple clients or down to address the requirements of the mom-and-pop businesses.
With on-demand, the customers are sharing capacity, and they don't have to build for peak performance, said David Vap, vice president of products at RightNow Technologies. The provider can allocate capacity to meet its clients' hardware and bandwidth needs, he said.
The company has done this for several federal customers such as the Education Department, where RightNow on-demand software is used to manage and track e-mail inquiries from visitors to the agency's site.
For example, the company successfully handled a spike in e-mail traffic two years ago after Secretary Margaret Spellings made comments about a children's show that ran on PBS stations, said Maria Zacharias, director of the department's information resource center.
The agency typically received 800 to 1,000 e-mails a month; after the secretary's comments, its site was inundated with 3,000 e-mails the first few days. RightNow was able to allocate the resources to handle the extra load, Zacharias said.
The Centers for Medicare and Medicaid Services uses RightNow to use the Web as an information delivery channel and the Census Bureau applies the company's software to reduce incoming call and e-mail volume.
4. SaaS increases security risks more than other methods.
'The two biggest issues government has to deal with in regard to SaaS are security and the issue of ownership,' Chenok said. 'Security is largely a perception.'
'So as long as the SaaS provider has a good security protocol that they're following internally, have segregated the data and systems properly, and have the proper firewalls and ' of course ' management controls and intrusion detection, then the security issue becomes more a question of data transit,' Chenok said. 'How secure are the links between where the data resides at the agency site and the SaaS server?'
Redeker said NJT didn't have a big concern about security after the agency's IT department consulted with SalesForce and saw that all of NJT's security requirements were being met.
The question users should be asking SaaS vendors is whether they have built and actually coded their applications with security principles in mind, Froble said. There are a lot of applications, supposedly secure behind an organization's firewall, that have gone through all the product development cycles, yet still are vulnerable to a savvy hacker, he said.
'When I think about [mitigating] security risks, it's
[about] applications being coded in such a way [as] to prevent a hacker from
breaking in through Web browsers," Forbes said.
5. Integration with SaaS and existing systems and
applications is difficult.
Verdict: It depends!
SaaS vendors have been trying to address concerns about data integration.
RightNow, for instance, is adding a component, called Connect, that is designed to enhance the product's ability to integrate with an organization's systems and applications.
NJT was able to integrate SalesForce's system with the agency's data warehouse, employee information and e-mail management systems.
Data integration also has been a hot topic with service-oriented architectures, the reusability of code and the ability to have modules of points of presence within applications, Froble said.
'Look at what Oracle is doing with its Business Process Engineering Language,' he said. 'We use it internally to deliver our Oracle applications to our customers to help them integrate with external systems.' It doesn't require the purchase of expensive enterprise integration applications. 'We're talking about building components that are largely delivered with the technology. With some customization and basic script writing, you can now have a decent integration story,' Froble said.
Integration struggles might be more of a myth, Mankowski said. Integration with a SaaS application and older systems is still necessary, 'but I would say you don't need a busload of consultants for three years on-site to implement the integration.'
Based on the architectures of the SaaS products and the programming interfaces, which are usually open, it's easier to plug into older systems, Mankowski said.
SaaS is gaining momentum. It has been more prevalent in the private sector, but successful deployments of large-scale projects ' such as DISA's collaboration efforts and Oracle's work to provide on-demand financial management software to various agencies ' might spur interest among federal agencies for applications beyond CRM and human resources management.
SaaS is not a delivery model for every application. More heavily customized and proprietary applications, such as those used to develop weapons systems, to take an obvious example, would be better suited to remain on-premise. Industry experts expect organizations to embrace a hybrid model of deploying on-demand and on-premise software.
SaaS 'is a change in mind-set, and it comes down to the cost-benefit analysis: 'Do I want to own all of my infrastructure, do I want to have licenses and maintenance, or do I shift up my business processes a bit and pay a lot less for the service and adapt for the change?', ' Mankowski